Interoperating with previous product versions

IBM WebSphere Application Server inter-operates with the previous product versions. Use this topic to configure this behavior.

Interoperability is achieved only when the Lightweight Third Party Authentication (LTPA) authentication mechanism and Lightweight Directory Access Protocol (LDAP) user registry are used. Credentials derived from Simple WebSphere Authentication Mechanisms (SWAM) are not forwardable.

Important:

Procedure

1. Enable security with the LTPA authentication mechanism and the LDAP user registry. Make sure that the same LDAP user registry is shared by all the product versions.

2. Extract and add server certificates into the server key ring file of the previous version.

   1. Open the server key ring file using the key management utility (iKeyman) and extract the server certificate to a file.

   2. Open the server key ring of the previous product version, using the key management utility and add the certificate that is extracted from your current version of WebSphere Application Server.

3. Extract and add trust certificates into the trust key ring file of the previous product version.

   1. Open the trust key ring file using the key management utility and extract the trust certificate to a file.

   2. Open the trust key ring file of the previous product version using the key management utility and add the certificate that is extracted from the product.

4. If single sign-on (SSO) is enabled, export keys from the product and import them into the previous product version.

5. Verify that the application uses the correct Java Naming and Directory Interface (JNDI) name.

6. Stop and restart all the servers.

7. Make sure that the correct naming bootstrap port is used to perform naming lookup.