Skip to main content
IBM Redbooks

Implementing Kerberos in a WebSphere Application Server Environment

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.

thumbnail 

Published on 23 October 2009, updated 26 April 2011

  1. .PDF (4.9 MB)
 Order hardcopy
Share this page:
 
 

ISBN-10: 0738433489
ISBN-13: 9780738433486
IBM Form #: SG24-7771-00

Authors: Fabio Albertoni, Henry Cui, Elisa Ferracane, James Kochuba, Ut Le, Bill O'Donnell, Gustavo Cezar de Medeiros Paiva, Vipin Rathor, Grzegorz Smolko, Rengan Sundararaman and Tam Tran

menu icon

Abstract

This IBM® Redbooks® publication discusses Kerberos technology with IBM WebSphere® Application Server V7.0.0.5 on distributed platforms. IBM WebSphere Application Server V7.0.0.5 Kerberos Authentication and single sign-on (SSO) features enable interoperability and identity propagation with other applications (such as .NET, DB2®, and others) that support the Kerberos authentication mechanism. With this feature, a user can log in once and then can access other applications that support Kerberos Authentication without having to log in a second time. It provides an SSO, end-to-end interoperability solution and preserves the original requester identity.

This book provides a set of common examples and scenarios that demonstrate how to use the Kerberos with WebSphere Application Server. The scenarios include configuration information for WebSphere Application Server V7 when using a KDC from Microsoft®, AIX®, and z/OS® as well as considerations when using these products. The intended audience for this book is system administrators and developers who use IBM WebSphere Application Server V7 on distributed platforms.

Table of Contents

Chapter 1. Introduction

Chapter 2. Setting up a KDC on a z/OS system

Chapter 3. Configuring IBM Network Authentication Service KDC on AIX

Chapter 4. Setting up Microsoft Active Directory and Kerberos KDC

Chapter 5. Setting up trust between an AIX KDC and a z/OS KDC

Chapter 6. Setting up trust between a Microsoft Kerberos KDC and a z/OS KDC

Chapter 7. Single sign-on to WebSphere ApplicationServer using SPNEGO

Chapter 8. Single sign-on to WebSphere Application Server for z/OS using SPNEGO

Chapter 9. Single sign-on using SPNEGO in a trusted Microsoft Kerberos KDC environment

Chapter 10. WS-SecurityKerberos with a J2EE Web services client

Chapter 11. WS-SecurityKerberos with a .NET Web services client

Chapter 12. WS-SecurityKerberos with a Thin Client for JAX-WS and .NET provider

Chapter 13. Single sign-on to WebSphere Application Server and DB2 from a Java application client

Chapter 14. Single sign-on from a Java thin client with AIX and z/OS Kerberos trusted realms

Chapter 15. SSO to WebSphere Application Server for z/OS and DB2 using Microsoft Kerberos KDC and z/OS KDC trust

Chapter 16. Command-line administration withKerberos authentication

Chapter 17. Implementing Kerberos in a flexible managementenvironment

Chapter 18. Problem determination

Appendix A. JAAS custom mapping login module source code

Appendix B. Configuring Web browsers for SPNEGO

Appendix C. Sample applications

Appendix D. Installing the Application Client for WebSphere Application Server

Appendix E. Additional material

 

Others who read this also read