You must perform the steps to set up Kerberos as the authentication
mechanism for WebSphere® Application
Server.
About this task
Note: Kerberos authentication mechanism on the server
side must be done by the system administrator and on the Java client side by end users. The Kerberos
keytab file must to be protected.
You must first ensure
that the KDC is configured. For more information, see your Kerberos Administrator and User's guide.
Avoid trouble: When configuring the
envar file
for a z/OS® KDC, order the encryption
types from most secure to least secure for the SKDC_TKT_ENCTYPES environment
variable. The z/OS KDC prefers
to use the encryption types that are first in the list, from left
to right.
gotcha
You must perform the following steps to set up
Kerberos as the authentication mechanism for WebSphere Application Server.