The form-based authentication login modules provided with the client perform a form-based login against a remote TAM, SiteMinder or WebSphere® Portal server, and retrieve a cookie (or LTPA token, in the case of WPS). The cookie or LTPA token is returned in the form of a SingleSignonToken
object. The SingleSignonToken
object has a getSsoTokens()
method which returns an array of org.apache.commons.httpclient.Cookie
You can use these cookies to leverage the cookie or LTPA token for authentication. This object also implements the JAAS Refreshable and Destroyable interfaces, allowing the caller to refresh and destroy the tokens. You can provide your own form-based login modules, which provide SSO tokens for platform consumers by providing your own implementation of the SingleSignonToken
Single sign on with a remove server is also supported for the HTTP basic authentication method. In this case, the HTTP basic login module does the authentication. Once authentication is successful, the username and password are placed in the JAAS subject and can be used in future requests to the server.
Parent topic: Login configurations: XPD622