LTPA Tokens For JAX-RPC and JAX-WS in IBM WebSphere Server Version 7. Client and Provider communication.

 

HAPPY NEW YEAR!!!! To all the followers of this blog. I changed jobs in the latter half of last year, 2011, and as a result neglected my blog. I hope to turn things around this year.

Today we are going to look at JAX-RPC and JAX-WS communication in IBM WebSphere Server 7.  We will look at communication using LTPA tokens and passing LTPA version 1 and LTPA version 2 tokens for authentication.

We will show how to set up the client bindings and provider bindings to enable this communication. This will be of particular importance when legacy applications for WebSphere 6 and earlier need to communicate with WebSphere 7 clients.

This will revolve around Provider Policy Set Bindings and Client Policy Set Bindings.

In this article we assume that we have two applications: the first is a legacy provider application from IBM WebSphere Server 6 that uses JAX-RPC (we will call this application LegacyProviderApp1), and the second is a new client application from IBM WebSphere Server 7 that uses JAX-WS.

LTPA version 1 tokens are compatible with JAX-RPC, so here we will show how to set up a client binding that uses LTPA version 1 tokens, as seen below:

image

image

Go to Services > Policy Sets > General client policy bindings > New:

image

 

From Add select WS-Security.  Under WS-Security we have various options:

image

We are interested in Authentication and protection. Note that you will add the necessary information for Keys and certificates, Message expiration and Custom Properties according to your design specifications.

After clicking Authentication and protection we look at Authentication tokens:

image

Here we have created two Authentication tokens: gen_signltpaproptoken and gen_signltpatoken

gen_signltpatoken is configured as follows:

image

The Namespace URI ending with 5.0.2 is LTPA version 1, which is compatible with JAX-RPC.

Now, if you want to ensure that only LTPA version 2 tokens are supported and accepted, then select Token type > LTPA Token v2.0.

image

The gen_signltpaproptoken is configured as follows:

image

We can actually set up multiple client bindings. So we can have two: one for LTPA version 1 tokens and another for LTPA version 2 tokens.

Now we look at the setup of the provider.

Go to General provider policy set bindings > New and create a new binding:

image

Name it LegacyProviderApp1Provider and then select Add > WS-Security. Once again we are interested in Authentication and protection. Note that you will add the necessary information for Keys and certificates, Caller, Message expiration and Custom Properties according to your design specifications.

image

Now click on Authentication and protection. Again we are interested only in Authentication tokens:

image

image

Click on con_ltpatoken (con means consumer).

image

If you select LTPA Token v2.0 but do not check Enforce token version, then this provider will be able to generate tokens that are LTPA version 1 and LTPA version 2 compatible. This will also aid in JAX-RPC communication for applications designed under WebSphere 6 and below.

The details for con_ltpaproptoken are as follows:

image

 

There you have it: we have set up Provider Bindings and Client Bindings that will enable communication using LTPA version 1 and version 2 tokens.
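To see which LTPA version clients actually send before checking Enforce token version on the consumer, the following added example (not code from this article or from IBM) classifies the `wsse:BinarySecurityToken` in a captured SOAP header by its value type and models the consumer rule described above. The full namespace URIs and the local names `LTPA` and `LTPAv2` are assumptions based on IBM's documented token types (the article only shows the 5.0.2 suffix); the envelope is a constructed sample.

```python
import io
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
# Token type QNames as (namespace URI, local name). The 5.0.2 suffix is what the
# article identifies as LTPA version 1; the full URIs and local names are
# assumptions taken from IBM's documented LTPA and LTPAv2 value types.
LTPA_TYPES = {
    ("http://www.ibm.com/websphere/appserver/tokentype/5.0.2", "LTPA"): 1,
    ("http://www.ibm.com/websphere/appserver/tokentype", "LTPAv2"): 2,
}

TEMPLATE = (  # constructed sample envelope; the token bytes are a placeholder
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Header><wsse:Security xmlns:wsse="{wsse}">'
    '<wsse:BinarySecurityToken xmlns:wsst="{ns}" ValueType="wsst:{local}">'
    'UExBQ0VIT0xERVI=</wsse:BinarySecurityToken>'
    '</wsse:Security></soapenv:Header><soapenv:Body/></soapenv:Envelope>')

def sample(ns, local):
    return TEMPLATE.format(wsse=WSSE, ns=ns, local=local)

def ltpa_versions(envelope_xml):
    """Return the LTPA version of each wsse:BinarySecurityToken (None if not LTPA)."""
    scopes, pending, found = [], {}, []
    source = io.BytesIO(envelope_xml.encode())
    for event, item in ET.iterparse(source, events=("start-ns", "start", "end")):
        if event == "start-ns":          # (prefix, uri) declared on the next element
            pending[item[0]] = item[1]
        elif event == "start":
            scope = dict(scopes[-1]) if scopes else {}
            scope.update(pending)        # inherit parent prefixes, add new ones
            pending = {}
            scopes.append(scope)
            if item.tag == "{%s}BinarySecurityToken" % WSSE:
                prefix, _, local = item.get("ValueType", "").rpartition(":")
                found.append(LTPA_TYPES.get((scope.get(prefix), local)))
        else:
            scopes.pop()
    return found

def consumer_accepts(token_version, configured_version, enforce_token_version):
    """Model of the consumer setting above: with LTPA Token v2.0 selected and
    Enforce token version unchecked, both version 1 and version 2 are accepted."""
    if token_version is None:
        return False
    if configured_version == 2 and not enforce_token_version:
        return token_version in (1, 2)
    return token_version == configured_version
```

If `ltpa_versions` still reports version 1 tokens from legacy JAX-RPC clients, checking Enforce token version on a v2.0 consumer will reject them.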


About gjcbell

I'm a software designer and integration specialist in Cape Town, South Africa. I work for SPF at SGH. I develop applications in Java, Cplusplus and Python and JavaScript. I design websites and web applications.