The Lightweight Third Party Authentication (LTPA) security mechanism can be used when the client application is running within a previously established security context.
The LTPA security mechanism is only available if your client application is running in a secure environment in which a security context has already been established. For example, if your client application is running in an Enterprise JavaBeans™ (EJB) container, then the EJB client must log in before being able to invoke the client application. A security context is then established. If the EJB client application then invokes a Web service, the LTPA callback handler retrieves the LTPA token from the security context and adds it to the SOAP request message. On the server side, the LTPA token is handled by the LTPA mechanism.
To implement the LTPA security mechanism:
At runtime, the LTPATokenCallbackHandler retrieves the LTPA token from the existing security context and adds it to the SOAP request message.
(c) Copyright IBM Corporation 2005, 2006.
This information center is powered by Eclipse technology (http://www.eclipse.org)