Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Authenticate users > Implement single sign-on to minimize web user authentications > Create a single sign-on for HTTP requests using the SPNEGO TAI (deprecated) > Configure WAS and enabling the SPNEGO TAI (deprecated)
Delete SPNEGO TAI properties using the wsadmin utility (deprecated)
You use the wsadmin utility to delete properties in the configuration of the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) trust association interceptor (TAI) for WAS.
Deprecated feature:
In WAS Version 6.1, a trust association interceptor (TAI) that uses the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) to securely negotiate and authenticate HTTP requests for secured resources was introduced. In WAS 7.0, this function is now deprecated. SPNEGO web authentication has taken its place to provide dynamic reload of the SPNEGO filters and to enable fallback to the application login method. depfeat
Verify that end-user desktop browsers are configured to support SPNEGO authentication, that the SPNEGO TAI is enabled, that the JVM property is set and, that WAS is configured to enable the operation of the SPNEGO TAI. You use the wsadmin utility to configure the SPNEGO TAI for WAS:
Procedure
- Start WAS.
- Start the command-line utility by running the wsadmin.sh command from the WAS_HOME/bin directory.
- At the wsadmin.sh prompt, run:
$AdminTask deleteSpnegoTAIProperties
You can use the following parameters with this command:Option Description <spnId> This is an optional parameter. It is the SPN identifier for the group of custom properties that are to be deleted with this command. If not specified, all SPNEGO TAI custom properties are deleted.
Results
SPNEGO TAI properties are deleted for this WAS.
Example
wsadmin>$AdminTask deleteSpnegoTAIProperties {-spnId 2}
wsadmin>$AdminTask deleteSpnegoTAIProperties com.ibm.ws.security.spnego.SPN1.filter=request-url!=noSPNEGO;request-url%=snoop com.ibm.ws.security.spnego.SPN1.hostName=central01.austin.ibm.com com.ibm.ws.security.spnego.SPN2.hostName=wssecpd.austin.ibm.com wsadmin>
Configure WAS and enabling the SPNEGO TAI (deprecated)
Related
SPNEGO TAI custom properties configuration (deprecated)