Jazz Security Architecture (SSO) with Jazz application

0	Umar Ashraf (15●4) \| asked Feb 22 '18, 10:05 a.m. edited Feb 22 '18, 10:28 a.m. by Fariz Saracevic (904●6●13) Is it possible to delegate SSO authentication using JAS for a non Jazz application? If yes, please give some guide lines how to achieve so or point me to any relevant document?

Accepted answer

permanent link

Donald Nong (14.5k●4●14) | answered Mar 06 '18, 10:27 p.m.

JAS is an implementation of the Liberty OpenID Connect feature, as a OpenID Connect provider. I believe an application needs to register itself to JAS using those endpoints exposed by JAS to utilize the JSA SSO. If the application that you have in mind has no such capability, I don't think you can do anything about it.

Umar Ashraf selected this answer as the correct answer

Comments

Umar Ashraf commented Mar 07 '18, 3:07 a.m.

Thanks for the response. Could you please elucidate what you meant by JAS endpoints? Also, please point me to any specification where I can find the procedure to register a non-jazz application with JAS?

Donald Nong commented Mar 07 '18, 10:03 p.m.

The endpoints are listed in the below document.
https://www.ibm.com/support/knowledgecenter/en/SSEQTP_8.5.5/com.ibm.websphere.wlp.doc/ae/rwlp_oidc_endpoint_urls.html

For JAS, the <provider_name> is "jazzop".

I believe the application needs to be rewritten to take advantage of the Liberty OpenID Connect feature. I don't have any more details on that I am afraid. You can search "Liberty OpenID Connect" and see if any materials are helpful.

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

It's all about the answers!

Related questions

Jazz Security Architecture (SSO) with Jazz application

Accepted answer

Your answer