Before you begin
Connections on a system that uses Microsoft
™ Active Directory as the LDAP directory.
Install the following WebSphere
® Application Server interim fixes:
- PM19604. "SPNEGO web authentication always interacts with the SPNEGO interceptor even though URLs are not protected."
Note: This iFix is already included in WebSphere Application Server versions 184.108.40.206 and 220.127.116.11. If you already use version 18.104.22.168, you do not need to install this iFix.
- PM21308. "CWSIT0034E and CWSIT0110E caused by SECJ9314E exception in Service Integration Bus."
Note: This iFix is already included in WebSphere Application Server version 22.214.171.124. If you already use version, 126.96.36.199, you do not need to install this iFix.
- PM30108. "Cannot forward. Response already committed on SPNEGO system."
Note: This iFix is valid for WebSphere Application Server version 188.8.131.52. If you already use version, 184.108.40.206, you do not need to install this iFix.
Verify that IBM
Connections works as expected without the Kerberos authentication protocol.
Install Kerberos. For more information, go to the Kerberos (KRB5) authentication mechanism support for security
If you are using on-ramp plug-ins or mobile services, your data traffic is not authenticated by Kerberos tickets or SPNEGO tokens. It is instead authenticated through J2EE form-based authentication.
Create a user account in the LDAP directory and add it to the WebSphere
Application Server administrators group.
About this task
The Kerberos authentication protocol uses strong cryptography which enables a client to prove its identity to a server across an insecure network connection. After the client and server have proven their identity, the authentication protocol encrypts all data that the client and server exchange. Kerberos uses the SPNEGO mechanism to negotiate the security authentication.
To configure IBM
Connections to use the Kerberos authentication protocol, complete the following tasks:
Parent topic: Configuring single sign-on
IBM Connections system requirements