Installation GuidesSOA Agent for IBM WebSphere GuideConfigure WebSphere to Work with the SOA Agent › Configure the SOA Agent Login Module in WebSphere

Previous Topic: Configure LDAP as a WebSphere User Registry

Next Topic: SOA Agent for IBM WebSphere Logging

Configure the SOA Agent Login Module in WebSphere

You configure the SOA Agent Login Module in the WebSphere Application Server using the WebSphere Integrated Solutions Console. General information about configuring Login Modules is available in the WebSphere documentation.

To configure the WebSphere Application Server to use the SOA Agent Login Module

  1. If necessary, start the WebSphere Server and the WebSphere Integrated Solutions Console.
  2. Click the following, in the order shown:

    In the navigation tree: Security, Secure Administration, Applications and Infrastructure.

    In the work area: Java Authentication and Authorization Service, System Logins.

  3. Click New to create a new System Login profile. This profile will contain SOA Agent Login Module and two other standard WebSphere login modules create the WebSphere identity and credentials so that the identity is propagated to the rest of WebSphere and can be used for WebSphere single sign-on.
  4. Under General Properties on the New page, enter "XMLAgent" in the Alias field and click Apply.
  5. Under Additional Properties, click JAAS login modules.
  6. Add the SOA Agent Login Module:
    1. On the JAAS Login Modules page, click New.
    2. Under General Properties on the New page, enter the SOA Agent Login Module class name: 
      com.ca.soa.agent.appserver.jaas.XMLAgentLoginModule
    3. Ensure that REQUIRED is selected from the Authentication strategy drop-down list.
    4. Click Apply to save your changes.
  7. Add the WebSphere LTPA Login Module:
    1. Back on the JAAS Login Modules page, click New.
    2. Under General Properties on the New page, enter the WebSphere LTPA Login Module class name: 
      com.ibm.ws.security.server.lm.ltpaLoginModule
    3. Ensure that REQUIRED is selected from the Authentication strategy drop-down list.
    4. Click Apply to save your changes.
  8. Add the WebSphere Default Inbound Login Module:
    1. Back on the JAAS Login Modules page, click New.
    2. Under General Properties on the New page, enter the WebSphere Default Inbound Login Module class name:
    3. com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule
    4. Ensure that REQUIRED is selected from the Authentication strategy drop-down list.
    5. Click Apply to save your changes.
  9. Back on the JAAS Login Modules page, click Set Order.
  10. Under General Properties on the JAAS Login Module Order page, if necessary, move the Login Modules so that they appear in the following order: 
    com.ca.soa.agent.appserver.jaas.XMLAgentLoginModule

    com.ibm.ws.security.server.lm.ltpaLoginModule

    com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule
  11. Click Apply to save your changes.To save changes permanently, click System Administration and Save Changes to the Master Repository.

    Note: Until you save changes to the master repository, the Integrated Solutions Console uses a local workspace to track your changes.