Custom TAM TAI++ Interceptor to detect step-up authentication

It is a common practice to externalise the authentication from Web application servers like IBM WebSphere Application Server (WAS) to dedicated single sign on (SSO) servers like IBM Tivoli Access Manager for eBusiness (TAMeB). The SSO server, for example, TAMeB, offers enhanced security features like strong authentication and step-up authentication In order to externalise the authentication from WAS to TAMeB, a trust association interceptor (TAI) should be installed and configured on the WebSphere Application Server (WAS). However, the TAI shipped with the default WAS 6.x servers cannot detect the authentication level of the user, that is, whether the user used password or a security token. This additional information about the authentication level might be needed to the applications running on WAS to make authorization decisions. A custom TAM TAI++ interceptor should be developed and installed on the WebSphere Application Server to determine the authentication level of the user. This article explains the procedure to develop and install such a custom TAM TAI++ interceptor.

Custom TAM TAI++ Interceptor to detect step-up authentication

It is a common practice to externalise the authentication from Web application servers like IBM WebSphere Application Server (WAS) to dedicated single sign on (SSO) servers like IBM Tivoli Access Manager for eBusiness (TAMeB). The SSO server, for example, TAMeB, offers enhanced security features like strong authentication and step-up authentication In order to externalise the authentication from WAS to TAMeB, a trust association interceptor (TAI) should be installed and configured on the WebSphere Application Server (WAS). However, the TAI shipped with the default WAS 6.x servers cannot detect the authentication level of the user, that is, whether the user used password or a security token. This additional information about the authentication level might be needed to the applications running on WAS to make authorization decisions. A custom TAM TAI++ interceptor should be developed and installed on the WebSphere Application Server to determine the authentication level of the user. This article explains the procedure to develop and install such a custom TAM TAI++ interceptor.

Custom TAM TAI++ Interceptor to detect step-up authentication

It is a common practice to externalise the authentication from Web application servers like IBM WebSphere Application Server (WAS) to dedicated single sign on (SSO) servers like IBM Tivoli Access Manager for eBusiness (TAMeB). The SSO server, for example, TAMeB, offers enhanced security features like strong authentication and step-up authentication In order to externalise the authentication from WAS to TAMeB, a trust association interceptor (TAI) should be installed and configured on the WebSphere Application Server (WAS). However, the TAI shipped with the default WAS 6.x servers cannot detect the authentication level of the user, that is, whether the user used password or a security token. This additional information about the authentication level might be needed to the applications running on WAS to make authorization decisions. A custom TAM TAI++ interceptor should be developed and installed on the WebSphere Application Server to determine the authentication level of the user. This article explains the procedure to develop and install such a custom TAM TAI++ interceptor.

Custom TAM TAI++ Interceptor to detect step-up authentication

It is a common practice to externalise the authentication from Web application servers like IBM WebSphere Application Server (WAS) to dedicated single sign on (SSO) servers like IBM Tivoli Access Manager for eBusiness (TAMeB). The SSO server, for example, TAMeB, offers enhanced security features like strong authentication and step-up authentication In order to externalise the authentication from WAS to TAMeB, a trust association interceptor (TAI) should be installed and configured on the WebSphere Application Server (WAS). However, the TAI shipped with the default WAS 6.x servers cannot detect the authentication level of the user, that is, whether the user used password or a security token. This additional information about the authentication level might be needed to the applications running on WAS to make authorization decisions. A custom TAM TAI++ interceptor should be developed and installed on the WebSphere Application Server to determine the authentication level of the user. This article explains the procedure to develop and install such a custom TAM TAI++ interceptor.