Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Jazz Authentication Server to Reverse Proxy SSO

Questions
Tags
Users
Badges
Bruce Azzarito
(2613) retagged
Feb 18 '17, 2:23 a.m.

We have a distributed Jazz server environment with JTS, CCM, RM, QM and DCC at 6.0.2.  During the upgrade from 5.0.2 to 6.0.2 we installed and configured the JAS for SSO.  We are now thinking we should have gone the reverse proxy architecture route.  Is it possible to migrate from the JAS SSO to Reverse Proxy environment?  Can we remove JAS and return to the JTS authentication?

0 votes

1 answer
3,156 views
0 votes

One answer

Permanent link
Shubjit Naik
(1.5k1613) Feb 18 '17, 2:23 a.m.

 HI Bruce


Firstly, you cannot return to JTS authentication once you have deployed and migrated to JAS.

However, you should be able to introduce a Reverse Proxy. I have not tested it, but here is an article talking about Rename with JAS SSO.

Make sure you try it on a staging environment as mentioned in the article.

Best Regards
Shubjit

0 votes

Comments
Bruce Azzarito
Feb 22 '17, 12:06 p.m.

Shubjit,

Thanks for the article.  Very interesting indeed.  I need to review the Reverse Proxy architecture process again to see if renaming process in the article you provided will produce the results we are expecting.  It is my understanding that with Reverse Proxy you use the SSO feature of WAS and not JAS.  It is possible my understanding is incorrect.  Looks like I have lots more reading to do.  Thanks again for you assistance.

Shubjit Naik
Feb 23 '17, 12:24 a.m.

Hi Bruce


No. Reverse Proxy or not, SSO options are available to use. It could be Container (WAS/Liberty) or JAS. Although once you have introduced JAS you cannot go back or move out of it.

In your case you have a distributed setup and you may have a Reverse Proxy (IBM HTTP Server) in place to maintain a single URL right? (If not, you have different URLs for each application?)
And now are trying to to add JAS behind the same Reverse Proxy so have the same base Unique URL?


Regards
Shubjit

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,497
× 2,357
× 29
× 1

Question asked: Feb 17 '17, 4:07 p.m.

Question was seen: 3,156 times

Last updated: Feb 23 '17, 12:24 a.m.

Confirmation Cancel Confirm