Dec 10th, 2011, 05:31 PM
Support IBM WAS Single Cell Sign-on ltpa cookie
My companies web application is currently built using spring security and spring mvc features where we have implemented authentication using a custom login forma and AuthenticationProvider delegating authentication to a custom third party JAVA API service.
We now need to meet a requirement to support IBM Websphere Application Server (WAS) container managed authentication which produces a ltpatoken cookie for IBM specific single-signon support to other Web appplications deployed within the same IBM WAS container.
Is this feasible to support both the container managed ltpatoken cookie generation and Spring Security managed custom authentication provider configured via spring? From what I have read to enabled cookie generation the WAR deployment must be configured with security-constraint and login-config elements in the web.xml and use standard servlet /j_security_check URI.
Has anyone else needed to meet this same requirment?