WebSphere Application Server Network Deployment, Version 6.0.x
Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring Common Secure Interoperability Version 2 outbound authentication

Before you begin

Outbound authentication refers to the configuration that determines the type of authentication that is performed for outbound requests to downstream servers. Several layers or methods of authentication can occur. The downstream server inbound authentication configuration must support at least one choice made in this server outbound authentication configuration. If nothing is supported, the request might go outbound as unauthenticated. This situation does not create a security problem because the authorization run time is responsible for preventing access to protected resources. However, if you choose to prevent an unauthenticated credential from going outbound, you might want to designate one of the authentication layers as required, rather than supported. If a downstream server does not support authentication, then when authentication is required, the method request fails to go outbound.
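The supported-versus-required behavior described above can be modeled in a few lines. This is an added example, not IBM code and not the WebSphere implementation; the layer labels, the `Setting` values and both function names are assumptions chosen for illustration.

```python
from enum import Enum

class Setting(Enum):
    NEVER = "never"
    SUPPORTED = "supported"
    REQUIRED = "required"

# Assumed labels for the authentication layers (illustrative only).
LAYERS = ("ssl_client_cert", "message_layer", "identity_assertion")

def negotiate(outbound, downstream_supports):
    """Model one outbound request.

    outbound: dict mapping layer -> Setting (this server's outbound config).
    downstream_supports: set of layers the downstream inbound config accepts.
    Returns (outcome, layers), where outcome is "authenticated",
    "unauthenticated" or "fail".
    """
    used, missing_required = [], []
    for layer in LAYERS:
        setting = outbound.get(layer, Setting.NEVER)
        if setting is Setting.NEVER:
            continue
        if layer in downstream_supports:
            used.append(layer)
        elif setting is Setting.REQUIRED:
            # A required layer the downstream server cannot accept.
            missing_required.append(layer)
    if missing_required:
        return ("fail", missing_required)      # request does not go outbound
    if not used:
        return ("unauthenticated", [])         # goes outbound with no credential
    return ("authenticated", used)

def allows_unauthenticated_outbound(outbound):
    """Audit check: True when no layer is REQUIRED, so a request can go
    outbound unauthenticated if the downstream server supports nothing."""
    return not any(s is Setting.REQUIRED for s in outbound.values())

if __name__ == "__main__":
    # Constructed sample configurations.
    lenient = {"message_layer": Setting.SUPPORTED}
    strict = {"message_layer": Setting.REQUIRED}
    for name, cfg in (("lenient", lenient), ("strict", strict)):
        print(name, negotiate(cfg, set()), allows_unauthenticated_outbound(cfg))
```

Running the audit function over each server's outbound settings identifies the configurations that rely entirely on downstream authorization to protect resources.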

Why and when to perform this task

The following choices are available in the Common Secure Interoperability Version 2 (CSIv2) Outbound Authentication panel. Remember that you are not required to complete these steps in the displayed order. Rather, these steps are provided to help you understand your choices for configuring outbound authentication.

Steps for this task




Sub-topics
Common Secure Interoperability Version 2 outbound authentication settings

Related tasks
Configuring Common Secure Interoperability Version 2 inbound authentication
Configuring IIOP authentication

Related reference
Identity assertion
Message layer authentication
Secure Sockets Layer client certificate authentication

Configuring session management

Why and when to perform this task

You can choose either stateful or stateless security. Performance is best with stateful sessions. The first method request between this server and the downstream server is authenticated. All subsequent requests reuse the session information, including the credential. A unique session entry is defined as the combination of a unique client authentication token and an identity token, scoped to the connection.

Example

BasicAuth

What to do next

Save the configuration and restart the server for the changes to take effect.




Last updated: Dec 11, 2005 4:07:15 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_csiv2outbound.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.