Authenticating users
The process of authenticating users involves a user registry and an authentication mechanism. Optionally, you can define trust between WebSphere Application Server and a proxy server, configure single sign-on capability, and specify how to propagate security attributes between appservers.
Overview
The following security topics are covered in this section:
- User registries
- For information on local operating system, Lightweight Directory Access Protocol (LDAP), custom user registries, and user repositories such as virtual member manager, see User registries and repositories.
- Trust associations
- For more information on trust associations, see Trust associations.
- Single sign-on
- For more information on single sign-on, see Single sign-on.
- Security attribute propagation
- For more information on propagation tokens, authorization tokens, single sign-on tokens, and authentication tokens, see Security attribute propagation.
The following information is covered in this section:
Procedure
- Configure a user registry. For more information, see Selecting a registry or repository.
- Configure WebSEAL or a custom trust association interceptor. For more information see, Integrating third-party HTTP reverse proxy servers.
- Configure single sign-on. For more information, see Implementing single sign-on to minimize Web user authentications.
- Propagate security attributes. For more information, see Propagating security attributes among appservers.
- Configure the authentication cache. For more information, see Configure the authentication cache.
What to do next
After completing the configuring the authentication process, authorize access to resources. For more information, see Authorizing access to resources.
Selecting a registry or repository
Authentication mechanisms
Configure the LTPA mechanism
Integrating third-party HTTP reverse proxy servers
Implementing single sign-on to minimize Web user authentications
Propagating security attributes among appservers
Configure the authentication cache
Configure IIOP authentication
Configure RMI over IIOP
Java Authentication and Authorization Service
Use the Java Authentication and Authorization Service programming model for Web authentication
Related tasks
Authorizing access to resources