Authentication

 

+
Search Tips   |   Advanced Search

 


Overview

Authentication means that users identify themselves to gain access to the system. Users can identify themselves immediately upon entry to the system or they can be challenged by the system when they try to access a protected resource before identifying themselves. The user ID/password combination is the most common method of identifying a user to the system.

WebSphere Portal does not support multiple, simultaneous logins using the same userid and password.

After a user has been authenticated, the system can determine if that user is authorized to access the resources that are requested.

By default WebSphere Portal uses the Custom Form-based Authentication mechanism of WAS to prompt users for identity. Alternately, the system can be configured for third-party authentication through an external security manager or SSL Client Authentication.

 

Basic Portal Authentication

 

LTPA Authentication

WAS can provide single sign-on between itself and certain web appservers by sharing LTPA tokens, which contain user data, expiration time and a digital signature that is signed with a private key of the authenticating user. They are stored as encrypted cookies. The key for decrypting the cookie is normally generated by WAS and shared with any back-end (but primarily Domino) application servers. Normally, a shared LTPA token will be used to provide single sign-on between WebSphere Portal and a back-end Lotus Domino Application Server. It is also possible to use LTPA to provide single sign-on between WebSphere Portal and other WASs (that do not fall within the same WebSphere security realm as the Application Server used by WebSphere Portal).

It is important to note that IBM developed the LTPA mechanism. While they have published the specification, it is generally only supported by IBM products. The wider computer security community has largely adopted Kerberos technology to provide the same functionality.

 

See also

 

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.

 

IBM is a trademark of the IBM Corporation in the United States, other countries, or both.