This task
is performed to enable single sign-on using trust
association. Trust association is used to connect reversed proxy servers
to the application server.
Before you begin
Note: Use of TAIs for Simple and Protected
GSS-API Negotiation
Mechanism (SPNEGO) authentication is deprecated in this release. The
SPNEGO web authentication panels provide a much easier and less error-prone
way to configure SPNEGO.
To establish the trust association
for the single sign-on, perform the following steps:
Procedure
- From the administrative console for WebSphere® Application
Server, click Security > Global security.
- From Authentication mechanisms, click Web and SIP security
> Trust association.
- Select the Enable
trust association option.
- Under Additional
properties, click the Interceptors link.
- Click com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus to
use a WebSEAL interceptor, or com.ibm.ws.security.spnego.TrustAssociationInterceptorImpl to
use a SPNEGO interceptor.
- Under Custom properties,
select a custom property to edit
or click New to create a new one. Enter the property
name and value pairs.
- Click OK.
- Save the configuration and log out.
- Restart WebSphere Application Server.