130 lines
8.9 KiB
HTML
130 lines
8.9 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Scenario: Enable single signon for ISV applications" />
|
|
<meta name="abstract" content="View this information to review scenarios that illustrate typical single signon implementation situations to help you plan your own certificate implementation as part of your server security policy." />
|
|
<meta name="description" content="View this information to review scenarios that illustrate typical single signon implementation situations to help you plan your own certificate implementation as part of your server security policy." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzscenarios.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzcompletetheplanningprerequisiteworksheet4.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzwriteanewapplication.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzcreateasinglesignontestenvironment.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamztestyourapplication.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzisvsnippet.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzamzenablessoisv" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Scenario: Enable single signon for ISV applications</title>
|
|
</head>
|
|
<body id="rzamzenablessoisv"><a name="rzamzenablessoisv"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Scenario: Enable single signon for ISV applications</h1>
|
|
<div><p>View this information to review scenarios that illustrate typical
|
|
single signon implementation situations to help you plan your own certificate
|
|
implementation as part of your server security policy.</p>
|
|
<div class="section" id="rzamzenablessoisv__situation"><a name="rzamzenablessoisv__situation"><!-- --></a><h4 class="sectionscenariobar">Situation</h4><div class="p">You
|
|
are the lead application developer for an independent software vendor (ISV),
|
|
and are responsible for overseeing the applications that your company develops
|
|
and delivers to <span class="keyword">iSeries™ Navigator</span> customers.
|
|
You know that<span class="keyword">iSeries Navigator</span> provides
|
|
your customers with the capability of creating and participating in a single
|
|
signon environment. You want your applications to leverage these single signon
|
|
capabilities because you feel it will help sell your product. You decide to
|
|
market an application called <span class="uicontrol">Calendar</span> to <span class="keyword">iSeries Navigator</span> customers
|
|
that use network authentication service and Enterprise Identity Mapping (EIM)
|
|
to create their single signon environment. The <span class="uicontrol">Calendar</span> application
|
|
allows users to view and manage their workday schedule. Enabling the <span class="uicontrol">Calendar</span> application
|
|
for single signon requires you to include server specific code within your
|
|
application which enables it to participate within a single signon environment.
|
|
You have previous experience creating applications that call EIM APIs, but
|
|
this will be your first time working with an application that also calls network
|
|
authentication service APIs. <div class="note"><span class="notetitle">Note:</span> It is also possible to develop applications
|
|
for a single signon environment that use a different authentication method.
|
|
For example, you can insert the necessary code for authenticating with digital
|
|
certificates, or for binding the directory server, instead of inserting the
|
|
necessary code for authenticating with network authentication service.</div>
|
|
</div>
|
|
</div>
|
|
<div class="section" id="rzamzenablessoisv__objective"><a name="rzamzenablessoisv__objective"><!-- --></a><h4 class="sectionscenariobar">Objectives</h4><div class="p">You
|
|
want to be able to market your <span class="uicontrol">Calendar</span> application
|
|
to <span class="keyword">iSeries Navigator</span> customers who
|
|
are interested in applications that are capable of participating in a single
|
|
signon environment. You want to enable the server side of the <span class="uicontrol">Calendar</span> application
|
|
to participate in a single signon environment. You have the following objectives,
|
|
as you complete this scenario:<ul><li>You want to change the server specific part of an existing <span class="uicontrol">Calendar</span> application
|
|
or develop a new <span class="uicontrol">Calendar</span> application which participates
|
|
in a single signon environment that uses EIM and network authentication service.</li>
|
|
<li>You want to create a single signon environment in which you can test your
|
|
application.</li>
|
|
<li>You want to test your <span class="uicontrol">Calendar</span> application and
|
|
ensure that it successfully participates in a single signon environment.</li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
<div class="section" id="rzamzenablessoisv__prereq"><a name="rzamzenablessoisv__prereq"><!-- --></a><h4 class="sectionscenariobar">Prerequisites
|
|
and assumptions</h4><div class="p">Implementation of this scenario depends on
|
|
the following assumptions and prerequisite conditions:<ul><li>You want your <span class="uicontrol">Calendar</span> application to participate
|
|
in a single signon environment that is configured to use Kerberos and EIM.</li>
|
|
<li>You already have experience creating applications for the <span class="keyword">iSeries Navigator</span> systems.
|
|
See the <a href="../rzahg/rzahgicprog2.htm">Programming</a> topic
|
|
in the<span class="keyword">iSeries Navigator</span> for information
|
|
about programming for the<span class="keyword">iSeries Navigator</span> system.</li>
|
|
<li>You have a Version 5 Release 4 (V5R4) <span class="keyword">iSeries Navigator</span> system
|
|
with the following options and licensed products installed:<ul><li><span class="keyword">iSeries Navigator</span> Host Servers
|
|
(5722-SS1 Option 12)</li>
|
|
<li><span class="keyword">iSeries Navigator</span> (5722-XE1)</li>
|
|
</ul>
|
|
</li>
|
|
<li>You have configured your <span class="keyword">iSeries Navigator</span> system
|
|
to participate in a Kerberos realm.</li>
|
|
<li>You write applications in one of the following languages:<ul><li>You use an ILE programming language, such as C, to write your applications
|
|
and you are familiar with the GSS API set (see the <a href="../apis/gsslist.htm">Generic Security Service APIs</a>).</li>
|
|
<li>You use Java™ to write your applications and you are familiar
|
|
with the JGSS API set (see the <a href="../rzaha/rzahajgssover.htm">IBM<sup>®</sup> Java Generic
|
|
Security Service (JGSS)</a>).<div class="note"><span class="notetitle">Note:</span> You may also require the Java toolbox,
|
|
depending on which set of JGSS APIs you use.</div>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>You have already completed the client-specific portion of your application,
|
|
enabling it to use Kerberos authentication.</li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
<div class="section" id="rzamzenablessoisv__steps"><a name="rzamzenablessoisv__steps"><!-- --></a><h4 class="sectionscenariobar">Configuration
|
|
steps</h4></div>
|
|
</div>
|
|
<div>
|
|
<ol>
|
|
<li class="olchildlink"><a href="rzamzcompletetheplanningprerequisiteworksheet4.htm">Complete the planning prerequisite worksheet</a><br />
|
|
</li>
|
|
<li class="olchildlink"><a href="rzamzwriteanewapplication.htm">Write a new application or change an existing application</a><br />
|
|
</li>
|
|
<li class="olchildlink"><a href="rzamzcreateasinglesignontestenvironment.htm">Create a single signon test environment</a><br />
|
|
</li>
|
|
<li class="olchildlink"><a href="rzamztestyourapplication.htm">Test your application</a><br />
|
|
</li>
|
|
<li class="olchildlink"><a href="rzamzisvsnippet.htm">ISV code examples</a><br />
|
|
</li>
|
|
</ol>
|
|
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzscenarios.htm" title="Use this information to review scenarios that illustrate typical single signon implementation situations to help you plan your own certificate implementation as part of your server security policy.">Scenarios</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |