Authentication protocol support

Use this page to reference information regarding supported authentication protocols.

Authentication protocol support for z/OS

Beginning with WebSphere Application Server Version 6.0.x, the WebSphere Application Server Version 6.0.x servers only support the Common Secure Interoperability Version 2 (CSIv2) authentication protocol. Secure Authentication Service for z/OS (z/SAS) is only supported between Version 6 and previous version servers that have been federated in a Version 6.0.x cell. The option to select between z/SAS, CSIv2, or both will only be made available in the administration console when a Version 6 or previous release has been federated in a Version 6.0.x cell.

In future releases, IBM will no longer ship or support the Secure Authentication Service (z/SAS) IIOP security protocol. It is recommended that you use the Common Secure Interoperability version 2 (CSIv2) protocol.

You can configure both protocols to work simultaneously between Version 6.0.x and previous version servers that have been federated in a Version 6.0.x cell. If a server supports both protocols, it exports an interoperable object reference (IOR) that contains tagged components describing the configuration for z/SAS and CSIv2. If a client supports both protocols, it reads tagged components for both CSIv2 and z/SAS. If the client and server support both protocols, CSIv2 is used. However, if the server supports z/SAS (for example, the server is a previous WebSphere Application Server release) and the client supports both protocols, the client chooses z/SAS for this request.

In future releases, IBM will no longer ship or support the z/OS Secure Authentication Service (z/SAS) IIOP security protocol. It is suggested that you use the Common Secure Interoperability version 2 (CSIv2) protocols.

Two authentication protocols are supported by WebSphere Application Server. z/OS Secure Authentication Service (z/SAS) is the authentication protocol that is used by all releases prior to WebSphere Application Server Version 5. Common Secure Interoperability Version 2 (CSIv2), which is considered the strategic protocol, is implemented in WebSphere Application Server, Version 5 and later.

You can configure both protocols to work simultaneously. If a server supports both protocols, it exports an interoperable object reference (IOR) that contains tagged components describing the configuration for z/SAS and CSIv2. If a client supports both protocols, it reads tagged components for both CSIv2 and z/SAS. If the client and the server support both protocols, CSIv2 is used. However, if the server supports z/SAS (for example, it is a previous WebSphere Application Server release) and the client supports both protocols, the client chooses z/SAS for this request.

CSIv2 is considered enabled on the client with the existence of the com.ibm.CORBA.ConfigURL java property. If the property is not specified or the property does not exist, CSIv2 is not enabled.




Related concepts
Authentication protocol for EJB security
Related tasks
Securing communications
Reference topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 8:25:23 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-zos&topic=rsecsascsiv2
File name: rsec_sascsiv2.html