Extended Tivoli Access Manager (ETAI)
Overview
The embedded Trust Association Interceptor++ (tai++) accepts an iv-creds header from WebSEAL or WebPlugins, and a trust password in a Basic Authentication header. The embedded tai++ authenticates the trust password and dismantles the iv-creds header to create the credential of the original user
The extended version of the Trust Association Interceptor++ (ETAI)...
- Does not require Tivoli Access Manager configuration on WebSphere Application Server.
- Can be configured to map the credential attributes of the user to different registry formats.
- Supports processing of Tivoli Federated Identity Manager security tokens.
- Supports trust mechanisms based on mutual authentication over SSL and validation of incoming certificate chain.
- Can work with iv-user only, in the absence of iv-creds.
- Can propagate rich identity to JAX-WS, LTPA, RMI/IIOP in the form of TAM binary security token.
- Can propagate TAM security attributes to the JAAS authorization token using a login module.
Prerequisites...
- IBM Tivoli Access Manager, v6.0, v6.1, or v6.1.1
- IBM WebSphere Application Server, versions 6.0.x, 6.1.x, 7.0.x and 8.0.x
More information
- IBM Tivoli Access Manager for e-business: Installation Guide, GC23-6502
- IBM Tivoli Access Manager for e-business: Administration Guide, SC23-6504
- IBM Tivoli Access Manager for e-business: WebSEAL Administration Guide, SC23-6505
- IBM Tivoli Access Manager for e-business: Web Security Developer Reference, SC23-6516
Parent: Set up a portal site