WAS v8.5 > Secure applications > Authorizing access to resources > OAuth

OAuth 2.0 services

WebSphere Application Server OAuth services include both OAuth authorization service and web resource authorization decision service.

OAuth 2.0 authorization service provides all OAuth 2.0 protocol endpoint URLs, and is responsible for client authorization and token issuing.

Web resource authorization decision service is a combination of standard WAS J2EE security and WAS trusted association interceptors (TAI). When a client accesses a J2EE secured web resource, the OAuth TAI intercepts the request, validates the OAuth token, and maps the OAuth token to the WAS platform security subject. From then on, the client is assessed and authorized based on the authenticated subject.


Subtopics


+

Search Tips   |   Advanced Search