Configuring WebSphere Application Server and enabling the SPNEGO TAI (deprecated)

Performing this task helps you, as web administrator, to ensure that WebSphere® Application Server is properly configured to enable the operation of the Simple and Protected GSS-API Negotiation (SPNEGO) trust association interceptor (TAI).

Before you begin

You need to know how to use the WebSphere Application Server administrative console to manage the security configuration and have the proper authority to modify the security configuration of the application server.
已淘汰的特性 已淘汰的特性:

In WebSphere Application Server Version 6.1, a trust association interceptor (TAI) that uses the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) to securely negotiate and authenticate HTTP requests for secured resources was introduced. In WebSphere Application Server 7.0, this function is now deprecated. SPNEGO web authentication has taken its place to provide dynamic reload of the SPNEGO filters and to enable fallback to the application login method.

depfeat

About this task

Complete the following steps to enable the operation of the SPNEGO TAI.

Procedure

  1. Log on to the WebSphere Application Server administrative console.
  2. Click Security > Global security.
  3. Expand Web security and click Trust association.
  4. Under the General Properties heading, select the Enable trust association check box, then click Interceptors.
  5. Select the SPNEGO TAI in the list of interceptors.
  6. Then click Custom properties.
  7. Click New and then fill in the Name and Value fields. Click OK. Repeat this step for each custom property that you want to apply to the SPNEGO TAI. See SPNEGO TAI custom properties configuration (deprecated) for a complete list of SPNEGO TAI custom properties.
    Note: It is recommended that you use the wsadmin utility to manage the SPNEGO TAI properties. You can add, modify, and delete SPNEGO TAI properties as well as display them using wsadmin. See Adding SPNEGO TAI properties using the wsadmin utility (deprecated) to add, Modifying SPNEGO TAI properties using the wsadmin utility (deprecated) to modify, and Deleting SPNEGO TAI properties using the wsadmin utility (deprecated) to delete SPNEGO TAI properties.
  8. After you finish defining your custom properties, click Save to store the updated SPNEGO TAI configuration.
  9. Optional: If an alias for a connecting host name is added dynamically after the application server is started, you need to configure the alias. Refer to the Using an alias host name for SPNEGO TAI or SPENGO web authentication using the administrative console (deprecated) topic.

Results

Your SPNEGO TAI configuration is now configured for WebSphere Application Server.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:17
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tsec_SPNEGO_config_tai
檔名:tsec_SPNEGO_config_tai.html