Friday, 16 December 2011

WebSphere and Open Authorization

Saw this on Twitter today, thanks to IBM developerWorks

Using Trust Association Interceptors with WebSphere Application Server to support OAuth tokens

Summary:  Are you looking to share access of your protected resources by becoming an OAuth service provider? This article describes how you can use IBM® WebSphere® Application Server (V7.0 and later) with Trust Association Interceptors (TAI) to accept OAuth tokens for authorizing calls from applications or web sites (consumer) to protected resources. TAIs make it possible to support OAuth alongside other token services, such as LTPA, while meeting WS-Security restrictions. This content is part of the IBM WebSphere Developer Technical Journal.

Having presented on WebSphere Portal and Security at the WebSphere User Group back last year, and having delivered a project integrating WebSphere and Active Directory ( via Kerberos and SPNEGO ), this is a subject close to my heart.

My next challenge is to integrate IBM Connections with IBM Tivoli Access Manager ( aka WebSEAL ). That's a job for 2012 ….

There's a bunch of other related material on this topic, including this and this.

No comments:

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...