Supported authentication protocols

Two authentication protocols are supported by WebSphere Application Server. SAS (or z/OS Secure Authentication Service (z/SAS) on the z/OS platform) is the authentication protocol used by all releases prior to WebSphere Application Server V5. Common Secure Interoperability V2 (CSIv2), which is considered the strategic protocol, is implemented in WebSphere Application Server, V5 and later.

In future releases, IBM will no longer ship or support the SAS IIOP security protocol. It is suggested that you use the Common Secure Interoperability version 2 (CSIv2) protocols.

One can configure both protocols to work simultaneously. If a server supports both protocols, it exports an interoperable object reference (IOR) that contains tagged components describing the configuration for SAS or z/SAS and CSIv2. If a client supports both protocols, it reads tagged components for both CSIv2 and SAS or z/SAS. If the client and the server support both protocols, CSIv2 is used. However, if the server supports SAS or z/SAS (for example, it is a previous WAS release) and the client supports both protocols, the client chooses SAS or z/SAS for this request.

Choose a protocol using the com.ibm.CSI.protocol property on the client side and configure this protocol through the administrative console on the server side.

 

---