Administer > Manage WebSphere Commerce features > WebSphere Commerce integration with WebSphere Portal > Single sign-on (SSO) and WebSphere Commerce Portal


Basic authentication

Basic Authentication has been deprecated in WebSphere Commerce integration with WebSphere Portal. It is strongly recommended to migrate to the suggested LTPA configuration.

See Configure WebSphere Portal with WebSphere Commerce for more information.

Basic authentication is an authentication method that is designed to allow client programs to provide credentials - in the form of a user name and password - when making a request. Although the scheme is implemented, it relies on the assumption that the connection between the client and server computers is secure and can be trusted. Specifically, the credentials are passed as plain text and could be intercepted . The scheme also provides no protection for the information that is passed back from the server.

To prevent the user name and password being read directly by a third party, you can configure the WebSphere Portal-WebSphere Commerce connection to use SSL. Because WebSphere Commerce and WebSphere Portal are running on two different servers, basic authentication is used to perform single sign on (SSO) from WebSphere Portal server to WebSphere Commerce Server. This is done by making use of a Java Authentication and Authorization Service (JAAS) login module to capture the WebSphere Portal user name and password while signing into the WebSphere Portal server. This JAAS login module is provided with the MVC Portlet.

For a detailed discussion of Java Authentication and Authorization Service, see the Java Authentication and Authorization Service.


Basic authentication in a production environment

This single sign-on mechanism has the following requirements:

The WebSphere Portal server communicates with the WebSphere Commerce Web server with WebSphere Commerce Web services. For non-secure communication, port 8007 is used. For secure communication, the WebSphere Commerce tools port (typically port 8006) is used.


Basic authentication in a test environment

Basic authentication is also a possible single sign-on mechanism for a test environment.

This single sign-on mechanism has the following requirements:

The WebSphere Portal server communicates with the WebSphere Commerce Web server for WebSphere Commerce Web services using a non-secure port (port 80).


Related concepts

Simulated single sign-on

WebSphere Commerce integration with WebSphere Portal

Single sign-on (SSO) and WebSphere Commerce Portal


Related tasks

Configure basic authentication for WebSphere Commerce

Configure WebSphere Portal with WebSphere Commerce using basic authentication


+

Search Tips   |   Advanced Search