After you deploy risk-based access, the runtime security services authorization service URL does not present a challenge for basic authentication.
When the challenge is not presented for basic authentication, it causes communication failure between the external authorization service (EAS) and runtime security services.
Resolving the problem
After you deploy risk-based access, you must configure WebSphere Application Server Quality of Protection (QoP) under SSL settings.
- To access these settings, on the WebSphere Application Server administrative console, go to SSL Certificate and Key Management > SSL Configurations > Node Default SSL Settings > Quality of Protection.
- Set Client Authentication to Supported.
- Set Protocol to SSL_TLS.
- On the WebSphere Application Server administrative console, go to Global Security > Web Security – General Settings.
- Ensure that the following option is selected: Default to basic authentication when certificate authentication for the HTTPS client fails.
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.