You must perform the configuration tasks that set up identity propagation on WebSphere® Application Server.
- Enable application security. Use the administrative console; navigate
to Security > Global security and select Enable
application security:
- Install the identity propagation login module:
- From the WebSphere administrative
console; click , and expand Java Authentication
and Authorization Service. Click Application
logins and select New. Give this
login the alias CTG_idprop and click OK.
- From the WebSphere administrative console; click , and expand Java Authentication and Authorization Service. Click Application logins, select CTG_idprop and click New.
- Set the module class name to com.ibm.ctg.security.idprop.LoginModule.
- Select REQUIRED from the Authentication strategy drop down list.
- Under Custom properties create an entry with the Name set to propIdentity and Value set to RunAs.
- Click OK.
- From the WebSphere administrative
console; click , and expand Java Authentication
and Authorization Service. Click Application
logins and select New. Give this
login the alias CTG_idprop and click OK.
- Associate the identity propagation login module with the client
application:
- From the administrative console, navigate Applications > Application types > WebSphere enterprise applications and select the ECIDateTime application from the list.
- Select Resource references.
- Select the ECI resource reference using the checkbox, and then select Modify resource authentication method.
- Select Use Custom login configuration and then select the identity propagation login module CTG_idprop that you installed in the previous step.
- Click Apply, to apply the selected identity propagation login module to the ECI resource reference.
- Click OK.
- Save the configuration changes that you have made so far.
Information