This topic applies only on the z/OS operating system.

Configuring ICSF as the authentication mechanism

Use these steps to select Integrated Cryptographic Services Facility (ICSF) as the authentication mechanism for your server.

Before you begin

ICSF requires the Cryptographic Coprocessor features of the zSeries processor to be enabled and active. You must have ICSF configured and running on your processor before selecting ICSF as your authentication mechanism.

Note: In future releases, IBM intends to deprecate the ICSF authentication mechanism. It is recommended that you migrate to LTPA. For more information on LTPA, see Lightweight Third Party Authentication.

You need to start the administrative console by specifying URL: http://server_hostname:port_number/ibm/console.

Perform the following steps to select ICSF as the authentication mechanism for this server.

Procedure

  1. Click Security > Global security.
  2. Under Authentication, click Authentication mechanisms > ICSF.
  3. In the Encryption cryptographic key field, specify the label of the cryptographic key to use for single sign-on (SSO) tokens for Web applications and administrative security when using the SOAP HTTP connector.
  4. Enter a positive integer value in the Timeout field. Specifies the time period in which an ICSF token expires. Verify that this time period is longer than the cache timeout that is configured in the Global Security panel.
  5. Click Apply or OK. The ICSF configuration is now set.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Sep 20, 2010 11:08:29 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-mp&topic=tsecselicsf
File name: tsec_selicsf.html