Set the RSA token authentication mechanism
You use the WAS admin console to configure the Rivest Shamir Adleman (RSA) token authentication mechanism. The RSA token authentication mechanism can only be used for administrative requests. As such, the authentication mechanism choices for administrative authentication are part of the Global Security panel of the admin console.
RSA token authentication mechanism is the default selection for the appserver, administrative agent, and job manager profiles. LTPA is still the default for the dmgr profile to preserve the same behavior for the existing topology. You configure LTPA and Kerberos on the main authentication mechanism panels of the admin console as well as configure RSA token authentication. During registration of a base profile with the administrative agent, the trusted certificates on both sides are updated with the root signer for the other. The same process occurs during registration of an administrative agent or dmgr with a job manager. When removing the registration, the trusted signers are removed from both sides so that trust is no longer established.
By default, the RSA mechanism is set up correctly during the registration tasks, such as registerNode or registerWithJobManager. No further actions are necessary to establish trust within these environments.
However, to establish trust between two base servers or between two administrative agents, for example, we can use the following steps to further configure the RSA token authentication mechanism:
- Click Security > Global security . Under Administrative security click the link to Administrative authentication.
- Select the RSA token radio button. Select a data encryption keystore from the drop-down list. The option is recommend for flexible systems administration.
- Select the trusted signers keystore from the drop-down list.
- Enter the nonce cache timeout value.
- Enter token timeout value.
- Click Apply and Save.
ResultsYou configured the use of the RSA token authentication mechanism.
RSA token authentication settings
RSA token certificate use
Job manager security
Select an authentication mechanism