Configure pluggable tokens for Version 5.x web services with an assembly tool
WebSphere Application Server provides several different methods to secure the web services, including the pluggable token method. To use pluggable tokens to secure the web services, configure both the client request sender and the server request receiver.
Subtopics
- Secure web services for version 5.x applications using a pluggable token
To use pluggable tokens to secure the web services, configure both the client request sender and the server request receiver. We can configure the pluggable tokens using the WAS console.
- Configure pluggable tokens using an assembly tool
The following information describes how to configure a pluggable token using an assembly tool.
- Configure the client for LTPA token authentication: specifying LTPA token authentication
To configure LTPA token authentication, specify LTPA token authentication. Only configure the client for LTPA token authentication if the authentication mechanism configured in WebSphere Application Server is LTPA.
- Configure the client for LTPA token authentication: collecting the authentication method information
To configure LTPA token authentication, collect the LTPA token authentication information. Do not configure the client for LTPA token authentication unless the authentication mechanism configured in WebSphere Application Server is LTPA.
- Configure the server to handle LTPA token authentication information
LTPA is a type of authentication mechanism in WAS security that defines a particular token format. The purpose of the LTPA token authentication is to flow the LTPA token from the first web service, which authenticated the originating client, to the downstream web service. We can configure the server for LTPA token authentication.
- Configure the server to validate LTPA token authentication information
LTPA is a type of authentication mechanism in WAS security that defines a particular token format. The purpose of the LTPA token authentication is to flow the LTPA token from the first web service, which authenticated the originating client, to the downstream web service. We can configure the server to validate LTPA token authentication.