Create a trusted user account in ISAM

Create a trusted user account in ISAM

Security Access Manager trust association interceptors require the creation of a trusted user account in the shared LDAP user registry. This account includes the ID and password that WebSEAL uses to identify itself to WebSphere Application Server. To prevent potential vulnerabilities, do not use the sec_master ID as the trusted user account and ensure the password used is unique and generated randomly. Use the trusted user account for the TAI or TAI++ only. Use either the ISAM pdadmin command-line utility or Web Portal Manager to create the trusted user. For example, from the pdadmin command line.
pdadmin> user create webseal_userid webseal_userid_DN firstname surname password
pdadmin> user modify webseal_userid account-valid yes

See also:

Configure WebSEAL for use with WAS
Configure ISAM plug-in for web servers for use with WAS

Related

Configure SSO capability with ISAM WebSEAL

+
Search Tips | Advanced Search