It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×42,633
×7,287
×5,675
×4,259
×1,667
×489
×472

question asked: Feb 22 '18, 10:05 a.m.
question was seen: 1,817 times
last updated: Mar 07 '18, 10:03 p.m.

Related questions

FAQ - How this Forum works

Jazz Security Architecture (SSO) with Jazz application

0
Umar Ashraf (153) | asked Feb 22 '18, 10:05 a.m.
edited Feb 22 '18, 10:28 a.m. by Fariz Saracevic (874613)

Is it possible to delegate SSO authentication using JAS for a non Jazz application? If yes, please give some guide lines how to achieve so or point me to any relevant document?

Accepted answer

1
permanent link
Donald Nong (14.5k414) | answered Mar 06 '18, 10:27 p.m.

JAS is an implementation of the Liberty OpenID Connect feature, as a OpenID Connect provider. I believe an application needs to register itself to JAS using those endpoints exposed by JAS to utilize the JSA SSO. If the application that you have in mind has no such capability, I don't think you can do anything about it.

Umar Ashraf selected this answer as the correct answer
Comments
Umar Ashraf commented Mar 07 '18, 3:07 a.m.

Thanks for the response. Could you please elucidate what you meant by JAS endpoints? Also, please point me to any specification where I can find the procedure to register a non-jazz application with JAS?  

Donald Nong commented Mar 07 '18, 10:03 p.m.

The endpoints are listed in the below document.
https://www.ibm.com/support/knowledgecenter/en/SSEQTP_8.5.5/com.ibm.websphere.wlp.doc/ae/rwlp_oidc_endpoint_urls.html

For JAS, the <provider_name> is "jazzop".

I believe the application needs to be rewritten to take advantage of the Liberty OpenID Connect feature. I don't have any more details on that I am afraid. You can search "Liberty OpenID Connect" and see if any materials are helpful.

Your answer

Register or to post your answer.