+

Search Tips   |   Advanced Search

 

Manually configuring Tivoli Access Manager only for authentication on WAS 6.x

 

You can configure Tivoli Access Manager V5.1 solely for authentication.

 

Procedure

  1. Disable Java Authorization Contract for Containers (JACC) in the Application Server console. The following steps explain how to disable JACC:

    1. Start the WAS.

    2. Use the administrator user ID to log into the administrative console.

    3. Navigate to Security > Secure administration, applications, and infrastructure > External authorization providers and click Default authorization.

    4. Click OK.

    5. Click Save.

    6. Quit the WAS.

  2. Navigate to $WAS_HOME/profiles/<profileName>/config/cells/<cellName>/.

  3. To restore Tivoli Access Manager for Authentication at a later stage, make a backup copy of the security.xml file.

  4. Edit the security.xml file and remove the Tivoli Access Manager authorization table entry similar to the example that follows. It is usually located at the end of the file. <properties xmi:id="Property_1160607508013" name="com.ibm.websphere.security.authorizationTable" value="com.tivoli.pdwas.websphere.PDWASAuthzManager"/>

  5. Start WAS. Only Tivoli Access Manager for Authentication is enabled.



Authentication mechanisms

 

Related tasks


Manually migrating from WAS 5.1 to WebSphere Application Server 6.x with Tivoli Access Manager enabled on multiple nodes
Manually migrating from WAS 5.1 to WebSphere Application Server 6.x with Tivoli Access Manager enabled on a stand-alone server