Lightweight Directory Authentication Protocol (LDAP) is often promoted as a
means to leverage an organizational directory as a principal registry for
WebSphere authentication and authorization. Advantages include the capability
to configure single sign-on across application servers, enabling additional
organizational applications, centralized user administration, multimastered
replication across authentication sites, and flexible, extensible data
formats, not to mention that LDAP is a vendor-neutral protocol and API
backed by the IETF. This raises the question of how to implement WebSphere
security through LDAP.
This two-part series presents a simplified example of how to configure
WebSphere Application Server version 5.0 to use IBM Directory Server v5.1 as
its user registry for J2EE application user authentication and role-based
authorization. This registry enables the...
The use of Lightweight Directory Authentication Protocol (LDAP) for WebSphere
authentication and authorization offers the advantages of single sign-on
across application servers and a vendor-neutral protocol and API.
Part 1 of this two-part series showed how to set up a directory and sample
application infrastructure for demonstrating WebSphere authentication using
LDAP. In Part 2 I take you through the process of setting up LDAP
authentication for WebSphere through the following tasks:
Defining roles and constraints in the Web application deployment descriptor
Mapping roles to LD...