Enable the applet client to access secured resources

Enable the applet client to access secured resources

To access resources (such as enterprise beans) that are not secure, applets are configured with security disabled. While applets cannot authenticate to WebSphere Application Sever through SSL, they can access secure resources over standard TCP/IP protocol through the use of the sas.client.props file.

Note: When an applet client accesses a secured resource, unencrypted user IDs and passwords are passed from the client machine to the application server. This can compromise application security if someone is monitoring the network and captures the unencrypted passwords. It is important to carefully consider the security implications before you modify the client configuration to use the standard TCP/IP protocol to access secure resources on your application server.

To configure the applet client to access secured resources on your application server, follow these steps:

Copy the default sas.client.props file from the application client runtime installation on your workstation to another directory. The file is located in the client_root/properties directory (where client_root is the root directory of the WebSphere application client runtime installation.
Note: Do not edit the default sas.client.props file directly because this file may be used by other client applications.

Edit the copy of sas.client.props file that you made with these changes:

Change com.ibm.CSI.protocol to com.ibm.CSI.protocol=csiv2.

Change com.ibm.CSI.performTransportAssocSSLTLSSupported to com.ibm.CSI.performTransportAssocSSLTLSSupported=false.

Add com.ibm.CSI.claimTransportAssocSSLTLSSupported=false to the file.

Save the file.

For more information on the sas.client.props file and WAS security, see the WAS Security topic.