WebSphere Application Server supports security in the CORBA C++ client to access-protected enterprise beans. If configured, C++ CORBA clients can access protected enterprise bean methods using a client certificate to achieve mutual authentication on WebSphere Application Server applications.
You
can achieve interoperability of Security Authentication Service between
the C++ Common Object Request Broker Architecture (CORBA) client and
WebSphere Application Server using Common Secure Interoperability
Version 2 (CSIv2) authentication protocol over Remote Method Invocation
over the Internet Inter-ORB Protocol (RMI-IIOP). The CSIv2 security
service protocol has authentication, attribute and transport layers.
Among the three layers, transport authentication is conceptually simple,
however, cryptographically based transport authentication is the strongest.
WebSphere Application Server has implemented the transport authentication
layer, so that C++ secure CORBA clients can use it effectively in
making CORBA clients and protected enterprise bean resources work
together.
Interoperability
can be achieved between C++ CORBA clients and WebSphere Application
Server using the Common Secure Interoperability Version 2 (CSIv2)
or by using the z/OS Secure Authentication Services (z/SAS) protocols.
CSIv2 should be used unless interoperability is required with a WebSphere
Application Server Version 4. See Global security settings and Configuring Common Secure Interoperability Version 2 (CSIV2) and Security Authentication Service (SAS).
Security authentication from non-Java based C++ client to enterprise beans. WebSphere Application Server supports security in the CORBA C++ client to access-protected enterprise beans. If configured, C++ CORBA clients can access protected enterprise bean methods using a client certificate to achieve mutual authentication on WebSphere Application Server applications.
C++ security setting | Description |
---|---|
client_protocol_password | Specifies the password for the user ID. |
client_protocol_user | Specifies the user ID to authenticate at the target server. |
security_sslKeyring | Specifies the name of the RACF keyring for the client to use. The keyring must be defined under the user ID that is issuing the command to run the client. |
/WebSphere/V6R0M0/DeploymentManager/profiles/default/config/cells /PLEX1Network/nodes/PLEX1Manager/servers/dmgrSome of the environment file terms are explained below:
In this information ... | IBM Redbooks, demos, education, and more(Index) |