Set single sign-on using trust association


This task is performed to enable single sign-on using trust association. Trust association is used to connect reversed proxy servers to the appserver.

Use of TAIs for SPNEGO authentication is deprecated in this release. The SPNEGO Web authentication panels provide a much easier and less error-prone way to configure SPNEGO.

To establish the trust association for the single sign-on...

 

  1. From the admin console for WAS, click...

      Security | Global security

  2. From Authentication mechanisms, click Web and SIP security > Trust association.

  3. Select the Enable trust association option.

  4. Under Additional properties, click the Interceptors link.

  5. Click com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus to use a WebSEAL interceptor, or com.ibm.ws.security.spnego.TrustAssociationInterceptorImpl to use a SPNEGO interceptor.

  6. Under Custom properties, select a custom property to edit or click New to create a new one. Enter the property name and value pairs.

  7. Click OK.

  8. Save the configuration and log out.

  9. Restart WAS.


Trust associations

 

Related tasks


Create a trusted user account in TAM
Integrating third-party HTTP reverse proxy servers