This extension to the embedded Trust Association Interceptor component provides single sign-on to WebSphere Application Server by Tivoli Access Manager WebSEAL and WebPlugins.
This adapter enables single sign-on (SSO) to WebSphere Application Server by configuring WebSphere Application Server to allow trust associations. Currently the embedded Trust Association Interceptor++ (tai++) accepts an iv-creds header from WebSEAL or WebPlugins and a trust password in a Basic Authentication header. The embedded tai++ authenticates the trust password and dismantles the iv-creds header to create the credential of the original user.
The extended version of the Trust Association Interceptor++ (ETAI) has following additional capabilities:
- ETAI removes the need for any Tivoli Access Manager configuration on WebSphere Application Server.
- ETAI can be configured to map the credential attributes of the original user to different registry formats or you can elect not to add credentials at all.
- ETAI also has additional support for the processing of Tivoli Federated Identity Manager security tokens.
- ETAI has support for additional trust mechanism based on mutual authentication over SSL and validation of incoming certificate chain.
- ETAI is also capable to work with iv-user only, in the absence of iv-creds.
- ETAI can propagate rich identity to JAX-WS, LTPA, RMI/IIOP in the form of Tivoli Access Manager binary security token.
- ETAI can propagate Tivoli Access Manager security attributes to the JAAS authorization token using a login module.
IBM Tivoli Access Manager, version 6.0
IBM Tivoli Access Manager, version 6.1
IBM Tivoli Access Manager, version 6.1.1 and
IBM WebSphere Application Server, versions 6.0.x, 6.1.x, 7.0.x and 8.0.x
Ensure that the underlying products such as IBM Tivoli Access Manager and IBM WebSphere Application Server are compatible with each other when you configure the Tivoli Access Manager Trust Association Interceptor Plus.
See the PDF document in the download package for any more prerequisites.
See the PDF document in the download package for installation instructions.
|Download||RELEASE DATE||LANGUAGE||SIZE(Bytes)||Download Options
What is DD?
|Integration Adapter||4 Apr 2012||English||1600215||FTP DD|
This download is offered free of charge to existing Tivoli Access Manager customers. Support for this download is available through the normal Tivoli Access Manager support channels. This integration has been tested and is supported on the platforms and product versions listed in this document. When accessing support for this download, please quote the component ID as TIVOIAM00.
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.