Saturday, December 10, 2005

Security Attribute Propagation Security Attribute Propagation in WebSphereSecurity attribute propagation provides propagation services using Java serialization for any objects that are contained in the Subject. And since serialization problems can occur when dealing with multiple platforms Websphere application server also offers a token framework that enables custom serialization fucntionality. When a request is being authenticated, a determination is made by the login modules whether this is an initial login or a propagation login.

  1. An initial login is the process of authenticating the user information, typically a user ID and password, and then calling the application programming interfaces (APIs) for the remote user registry to look up secure attributes that represent the user access rights.
  2. A propagation login is the process of validating the user information, typically an Lightweight Third Party Authentication (LTPA) token, and then deserializing a series of tokens that constitute both custom objects and token framework objects known to the WebSphere Application Server.

6 comments:

Popular Posts