Displaying SPNEGO TAI properties using the wsadmin utility (deprecated)


You use the wsadmin utility to display the properties in the configuration of the SPNEGO trust association interceptor (TAI) for WAS.

Deprecated feature:

In WAS Version 6.1, a TAI that uses the SPNEGO to securely negotiate and authenticate HTTP requests for secured resources was introduced. In WAS 7.0, this function is now deprecated. SPNEGO Web authentication has taken its place to provide dynamic reload of the SPNEGO filters and to enable fallback to the application login method. depfeat

Verify that end-user desktop browsers are configured to support SPNEGO authentication, that the SPNEGO TAI is enabled, that the JVM property is set and, that WAS is configured to enable the operation of the SPNEGO TAI. You use the wsadmin utility to configure the SPNEGO TAI for WAS:

 

  1. Start WAS.

  2. Start the command-line utility by running the wsadmin command from the APP_ROOT/bin directory.

  3. At the wsadmin prompt...

    $AdminTask showSpnegoTAIProperties
    
    You can use the following parameters with this command:

    Option Description
    <spnId> This is an optional parameter. It is the service principal name (SPN) identifier for the group of custom properties that are to be displayed with this command. If we do not specify this parameter, all SPNEGO TAI custom properties are displayed.

 

Results

SPNEGO TAI properties are displayed for this WAS.

 

Example

Example 1

The following example displays all SPNEGO TAI properties.

wsadmin>$AdminTask showSpnegoTAIProperties com.ibm.ws.security.spnego.SPN1.filter=request-url!=noSPNEGO;request-url%=snoop com.ibm.ws.security.spnego.SPN1.hostName=central01.mpls.setgetweb.com com.ibm.ws.security.spnego.SPN2.hostName=wssecpd.mpls.setgetweb.com wsadmin>

Example 2

The following example displays SPNEGO TAI properties for SPN1 and host, central01.mpls.setgetweb.com.

wsadmin>$AdminTask showSpnegoTAIProperties -interactive Show SPNEGO TAI configuration properties.

Display SPNEGO TAI configuration properties.

Service Principal Name identifier (spnId): 1

Show SPNEGO TAI configuration properties.

F (Finish) C (Cancel)

Select [F, C]: [F] WASX7278I: Generated command line: $AdminTask showSpnegoTAIProperties {-spnId 1} com.ibm.ws.security.spnego.SPN1.filter=request-url!=noSPNEGO;request-url%=snoop com.ibm.ws.security.spnego.SPN1.hostName=central01.mpls.setgetweb.com com.ibm.ws.security.spnego.SPN1.trimUserName=true wsadmin>

 

Related tasks


Set WAS and enabling the SPNEGO TAI (deprecated)

 

Related


SPNEGO TAI custom properties configuration (deprecated)