I need to mock the user accounts datasource (the 'user realm') for a web app on WAS 8.x. The final actual implementation will use LTPA with Active Directory as the authentication datasource, and Spring Security for the Authorization part (permissions will be stored in a database). For the initial proof-of-concept, I need to implement a working LTPA authentication, but integration with LDAP / AD is not required. So I plan to do container-based in-memory realm authentication with LTPA, and Spring Security authorization. With Tomcat, you can use a tomcat-users.xml file to create an in-memory realm - it's very easy and convenient. Is anything similar supported with WebSphere? I've been wading through online WAS documentation but can't seem to find anything directly related. Any pointers greatly appreciated.
Asked
Active
Viewed 527 times
1 Answers
0
You can set up your own custom User registries in WAS as you see fit. You can do that without having any other repository or use it together with other repositories (such as an LDAP repository). If you use multiple user repositories make sure whatever you use as user login IDs don't clash (any given user id must not match more than one user).
The LTPA token must be created somewhere and I am not quite sure based on your description how you are creating it. In this case, it would be created as soon as you log in into your custom user registry. You can then of course configure multiple servers within the same SSO domain to use LTPA authentication, using your user registries.
- More on custom user registries: IBM WAS 8.0 - Configuring stand-alone custom registries
- More on LTPA configuration: IBM WAS 8.0 - Configuring LTPA and working with keys
DanielBarbarian
- 5,093
- 12
- 35
- 44