0

We have created a custom application and deployed it as separate WAR in IBM WebSphere Application Server 8.5. In the custom application we have created a class file to check whether Ltpatoken2 is set . If it’s not set the user will redirect to custom login page otherwise they will get access to the application . We have enabled single sign on for Process Portal Url and the custom application as well . Once the single sign on is successful and if the user is redirecting back to Process Portal its generating the LtpaToken2 . If the user is redirecting back to custom application , then it’s not generating LtpaToken2 though the single sign on was Successful. To set Ltpatoke2 in this case ,user has to access ProcessPortal URL again or they have to login to the application using normal login page from the application once again.

Process Portal URL : https:// dev.mydomain.com:31067/ProcessPortal/

Custom Application URL : https:// dev.mydomain.com:31067/MyApp/

Single Sign On : https://wsso. mydomain.com/ SignOn.htm

Fire Bug Details

Process Portal Process Portal

Custom Application Custom Application

user457508
  • 41
  • 1
  • 5
  • Do you really need manual handling of LTPA tokens instead of the SSO facilities already provided by WAS? – ᄂ ᄀ Feb 24 '15 at 09:12
  • SSO is generating LTPA Token, but WebSphere TAI (Trust Association Interceptors) is blocking its propagation to custom application because of security reasons – user457508 Feb 25 '15 at 11:51

1 Answers1

0

basically it looks like you have not protected your entry path using J2EE roles. By default WebSphere does not enforce authentication. If you add to the J2EE application (web.xml) WebSphere could be told to go to a custom authentication page automatically. Using this case you would enable your application to be able to use more of the WebSphere Security Features

Stefan Schmitt
  • 165
  • 9