Configure WebSEAL for use with WebSphere Application Server

 

+

Search Tips   |   Advanced Search

 

Overview

The first step is to create a junction between WebSEAL and WAS to carry the following headers:

To create a TAI++ junction open a pdadmin command prompt from any node that has a TAM Runtime component installed. This can be done on the TAM Server node, WebSEAL node or the WebSphere Portal node.

server task webseald-server create -t ssl -b supply -c iv-creds -h host_name -p websphere_app_port_number junction_name

To create a TAI junction...

server task webseald-server create -t ssl -b supply -c iv-user -h host_name -p websphere_app_port_number junction_name

If warning messages are displayed about the incorrect setup of certificates and key databases, delete the junction, correct problems with the key databases and re-create the junction.

The junction can be created as -t tcp or -t ssl depending on your requirements.

To set up SSL across the junction configure WAS (WAS) or the HTTP Server used by WAS, to accept inbound SSL traffic by importing the necessary signing certificates into the WebSEAL certificate keystore, and possibly also the HTTP Server certificate keystore.

 

Single Sign-on

For single signon to WAS the SSO password must be set in WebSEAL. To set the password...

  1. Edit the WebSEAL configuration file,...

    webseal_install_directory/etc/webseald-default.conf

  2. Set the following parameter,...

    basicauth-dummy-passwd=webseal_userid_passwd

    Where webseal_userid_passwd is the SSO password for the trusted user account .

  3. Restart WebSEAL.


 

See Also

Single signon using WebSEAL or the TAM plug-in for Web servers
Creating a trusted user account in TAM

 



 

 

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.