Tuesday, 4 December 2018

WebSphere Application Server (WAS) and Single Sign-On (SSO) - Back to 2011

It's been a while since last I did this, but I'm revisiting the happy days of 2011, when first I setup WAS and SSO with Microsoft Active Directory, Kerberos and SPNEGO.

I even presented upon the topic in 2012: -

IBM Connections and Desktop Single Sign-On using Microsoft Active Directory, Kerberos and SPNEGO

Whilst I've done the SPNEGO piece time and again, the thing that I'd not done in a while was to configure the fallback login page.

Thankfully, the IBM Connections documentation to which I referred back in 2012 is still there, albeit in more recent form: -

Configuring SPNEGO (and Kerberos optionally) on WebSphere Application Server

The significant thing is to create a fallback login page, using the HTML example here: -

This was then hosted on the IBM HTTP Server (IHS) service that fronts the WAS 9 environment: -


which I then configured in WAS: -

Now, when I hit my servlet via a clean browser: -


I automatically get a login page: -

Note that the URL automatically gets ?noSPNEGO : -


thanks to the filter criteria: -

No comments:

Grokking grep

A colleague was tinkering with grep  and, thanks to him, I discovered a bit more about the trusty little utility. I had not really explored ...