From SAML to LTPA2 Token for IBM BPM 8.5.6

Question

I am building a TAI Interceptor for Websphere 8.5.5.x, the aim is to intercept the request and send it for 2-Factor authentication which will then return a SAML token.

I am doing this by implementing com.ibm.wsspi.security.web.saml.AuthnRequestProvider interface.

From what I understand I just need to ensure that this points the user to 2-Factor site.

When I get the response back it has a SAML Token which I can interrogate using the com.ibm.wsspi.security.web.saml.UserMapping interface. Where I can obtain all the returned attributes in the SAML token.

However I want to use this data to build an LTPA2 token asserting an identity and group membership for use within BPM.

Many thanks for any help

Benjamin

score 0 · Answer 1 · answered Dec 07 '17 at 15:16

As far as I know there is no WebSphere API to generate an LTPA token.

There are ways to do it in API Connect but that might not be helpful in your case: https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.toolkit.doc/rapim_ref_ootb_policyltpagen.html

From SAML to LTPA2 Token for IBM BPM 8.5.6

1 Answers1