ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/webserv/wsseccfaltpa.htm

39 lines
2.6 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Configure LTPA authentication for Web services</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h5><a name="wsseccfaltpa"></a>Configure LTPA authentication for Web services</h5>
<p>With the LTPA authentication mechanism, the client generates a binary security token, and it imbeds the token in the SOAP message. The server extracts the token and uses a Java Authentication and Authorization Service (JAAS) login module to validate the token. For an overview of the LTPA authentication mechanism, see <a href="wssecltpa.htm">Lightweight Third-party Authentication (LTPA) method</a>.</p>
<p><strong>Note:</strong> LTPA authentication is supported for server Web services only, including Web service applications that act as clients to other Web services. A pure Web service client (that is, a client that is not also a Web service) cannot authenticate with LTPA.</p>
<p>However, you can configure multiple authentication mechanisms for a Web service. In a scenario with multiple Web services and Web services clients, you can configure the clients to authenticate with a different authentication mechanism. You can then configure the Web services to authenticate with LTPA.</p>
<p><strong>Note:</strong> To use the LTPA authentication mechanism for Web services, you must configure WebSphere global security and the LTPA authentication mechanism. For more information, see <a href="../sec/seccglo.htm">Configure global security</a> and <a href="../sec/seccamec.htm">Configure the authentication mechanism</a> in the <em>Security</em> topic.</p>
<p>Perform these steps to configure LTPA authentication for your Web service:</p>
<ol>
<li><p><a href="wsseccfaltpacl.htm">Configure the client for LTPA token authentication</a>
<br>This topic describes how to configure LTPA authentication for a Web service that acts as a client.</p></li>
<li><p><a href="wsseccfaltpasv.htm">Configure the server for LTPA token authentication</a>
<br>This topic describes how to configure LTPA authentication for your Web service application.</p></li>
<li><p>(Optional) <a href="wsseccfplugtoken.htm">Configure a pluggable token</a>
<br>If you have developed custom token generation and validation, see this topic for information about configuring your pluggable token. For more information, see <a href="wssecplugtoken.htm">Pluggable token support</a>.</p></li>
</ol>
</body>
</html>