Form login requires single sign on (SSO)
 Technote (FAQ)
 
Problem
Why do I need to enable SSO when I use a form-based login in my WebSphere® Application Server Web application?
 
Solution
If Lightweight Third Party Authentication (LTPA) is chosen under global security settings, and any Web applications use form login as the authentication method, you must also enable SSO. If you do not enable SSO, authentication during form login fails with a configuration error.

When SSO is enabled, a cookie is created in the LTPA Token. When the user accesses other Web resources in any other WebSphere® Application Server process in the same domain name system (DNS) domain, the cookie is sent with the request. The LTPA token is then extracted from the cookie.

The reason behind requiring SSO is that it generates the HTTP cookie that contains information representing the identity of the user to the Web browser. Enabling LTPA by itself creates only the LTPA token and credential, not the cookie. This cookie is needed to authorize protected resources when using a form login.

For more information see the following WebSphere Application Server Information Center articles:

Configuring single signon (v5):
http://publib.boulder.ibm.com/infocenter/wasinfo/topic/com.ibm.websphere.nd.doc/info/ae/ae/tsec_msso.html

Single Sign-On (v4):
http://www-306.ibm.com/software/webservers/appserv/doc/v40/ae/infocenter/was/0508.html

Developing form login pages (V5):
http://publib.boulder.ibm.com/infocenter/wasinfo/topic/com.ibm.websphere.nd.doc/info/ae/ae/tsec_pofolo.html

Form-based Login (V4):
http://www-306.ibm.com/software/webservers/appserv/doc/v40/ae/infocenter/was/050403.html

Lightweight third party identification (v5):
http://publib.boulder.ibm.com/infocenter/wasinfo/topic/com.ibm.websphere.nd.doc/info/ae/ae/csec_ltpa.html
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0
Software edition:
Reference #: 1157000
IBM Group: Software Group
Modified date: Mar 27, 2006