99 lines
6.4 KiB
HTML
99 lines
6.4 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="ISV enablement" />
|
|
<meta name="abstract" content="This information describes ISV considerations for the enablement of single signon, and how ISVs can create applications and programs that can participate in a single signon environment." />
|
|
<meta name="description" content="This information describes ISV considerations for the enablement of single signon, and how ISVs can create applications and programs that can participate in a single signon environment." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzamzconcepts.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="rzamzisvenable" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>ISV enablement</title>
|
|
</head>
|
|
<body id="rzamzisvenable"><a name="rzamzisvenable"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">ISV enablement</h1>
|
|
<div><p> This information describes ISV considerations for the enablement
|
|
of single signon, and how ISVs can create applications and programs that can
|
|
participate in a single signon environment.</p>
|
|
<p>As an independent software vendor (ISV) you know that many of your customers
|
|
are implementing single signon environments to take advantage of the cost
|
|
and time benefits that single signon provides. You want to ensure that you
|
|
design your application products to participate in single signon environments
|
|
so that you can continue to provide the solutions that your customers want
|
|
and need.</p>
|
|
<div class="p"> To enable your applications to participate in an <span class="keyword">i5/OS™</span> single
|
|
signon environment, you need to perform the following tasks:<dl><dt class="dlterm">Enable your <span class="keyword">i5/OS</span> server
|
|
applications for EIM</dt>
|
|
<dd>One of the foundations of a single signon environment is <a href="../rzalv/rzalvmst.htm">Enterprise Identity Mapping</a>.
|
|
EIM is a mechanism for mapping or associating a person or entity to the appropriate
|
|
user identities in various registries throughout the enterprise. Application
|
|
developers for <span class="keyword">i5/OS</span> use
|
|
EIM to build applications that use one user registry for authentication and
|
|
another for authorization--without requiring the user to provide another set
|
|
of credentials. EIM provides APIs for creating and managing these identity
|
|
mapping relationships, as well as APIs that applications use to query this
|
|
information. You can write applications that use <a href="../apis/sec5.htm">EIM APIs</a> to perform lookup operations for user identities
|
|
within an enterprise.</dd>
|
|
</dl>
|
|
<dl><dt class="dlterm">Enable your <span class="keyword">i5/OS</span> server
|
|
and client applications to use a common authentication mechanism</dt>
|
|
<dd>While you are free to choose any common authentication mechanism you want
|
|
for your application's single signon environment, the <span class="keyword">i5/OS</span> single signon environment
|
|
is based on the network authentication service (Kerberos) which provides an
|
|
integrated single signon environment with <span class="keyword">Windows<sup>®</sup> 2000</span> domains.
|
|
If you want your applications to participate with the same secure, integrated
|
|
single signon environment as <span class="keyword">i5/OS</span>,
|
|
should choose network authentication service as the authentication mechanism
|
|
for your applications. The following are examples of the different authentication
|
|
methods you can choose for your applications:<p></p>
|
|
<dl><dt class="dlterm"><a href="../rzakh/rzakh000.htm">Network
|
|
authentication service</a></dt>
|
|
<dd>Use the <a href="rzamzenablessoisv.htm">Scenario: Enable single signon
|
|
for ISV applications</a> to learn how to use EIM application programming
|
|
interfaces (APIs) in conjunction with network authentication service to create
|
|
applications that can fully participate in a single signon environment. This
|
|
scenario includes some <a href="rzamzisvsnippet.htm">ISV code examples</a>,
|
|
including pseudocode, for example pseudocode and snippets that you can use
|
|
to help complete your program.</dd>
|
|
<dt class="dlterm"><a href="../rzahu/rzahurazhudigitalcertmngmnt.htm">Digital
|
|
certificates</a></dt>
|
|
<dd>It is possible to develop applications for a single signon environment
|
|
that use digital certificates as the authentication method. To insert the
|
|
necessary code into your program for authenticating with digital certificates,
|
|
you must use the <a href="../apis/secex1.htm">Digital
|
|
Certificate Management APIs</a>.</dd>
|
|
<dt class="dlterm"><a href="../rzahy/rzahyrzahywelpo.htm">Lightweight
|
|
Directory Access Protocol (LDAP)</a></dt>
|
|
<dd>It is possible to develop applications for a single signon environment
|
|
that use the directory server as the authentication method. To insert the
|
|
necessary code into your program for authenticating with the directory server,
|
|
you must use the <a href="../apis/dirserv1.htm">Lightweight
|
|
Directory Access Protocol (LDAP) APIs</a>.</dd>
|
|
</dl>
|
|
</dd>
|
|
</dl>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzconcepts.htm" title="Use this information to learn about the underlying concepts for single signon for a better understanding of how you can plan to use single signon in your enterprise.">Concepts</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |