WebSphere Application Server - Web Server Plug-in and secure directories on the HTTP server

This is Interesting: Free IT Magazines  
Home > Archive > WebSphere Application Server > November 2005 > Web Server Plug-in and secure directories on the HTTP server





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Web Server Plug-in and secure directories on the HTTP server
Peter Groslouis

2005-11-21, 5:54 pm


I understand that the Web Server plug-in for WAS 5.1 is used to forward HTTP requests from the IBM HTTP Web server to the WebSphere Applications Server. This allows developers to put their static content on the HTTP server and their dymanic content on Web
Sphere server.

That being said, I have two questions:
1- Does the forwarding work both directions IHS <-> WAS?

2 - If there was security setup in a directory (using .htaccess in the directory) on the HTTP server and the user logged into the WAS server, will they still have to authenticate to the IHS server, or does the plug-in handle authentication between the two
servers?

I am basically wondering if there is single sign-on between Websphere and IBM HTTP Server?

Thanks Peter
Paul Ilechko

2005-11-21, 5:54 pm

Peter Groslouis wrote:
> I understand that the Web Server plug-in for WAS 5.1 is used to
> forward HTTP requests from the IBM HTTP Web server to the WebSphere
> Applications Server. This allows developers to put their static
> content on the HTTP server and their dymanic content on WebSphere
> server.

Given that the plug-in can cache static content, there's no real good
reason to do this separation anymore. Put all the static content in the
EAR on WAS.

Peter Groslouis

2005-11-21, 8:49 pm

> Peter Groslouis wrote:
> 5.1 is used to
> to the WebSphere
> their static
> content on WebSphere
>
> Given that the plug-in can cache static content,
> there's no real good
> reason to do this separation anymore. Put all the
> static content in the
> EAR on WAS.
>
What we are doing is uploading html and PDF files onto the IHS as data for the application, therefore the static content is not really static and I would not be able to include them in the EAR on WAS.

The files are secured on the IHS (using .htaccess), so no one else would be able to access them except through the WAS. I am just trying to prevent the double login.


Ken Hygh

2005-11-22, 2:49 am

Peter Groslouis wrote:

>What we are doing is uploading html and PDF files onto the IHS as data for the application, therefore the static content is not really static and I would not be able to include them in the EAR on WAS.
>
>The files are secured on the IHS (using .htaccess), so no one else would be able to access them except through the WAS. I am just trying to prevent the double login.
>
>
>
>
There's no sharing of credentials between IHS and WAS.

Ken
Paul Ilechko

2005-11-23, 5:56 pm

Ken Hygh wrote:
> Peter Groslouis wrote:
>
> There's no sharing of credentials between IHS and WAS.

You might be able to get SSO across WAS and IHS using a security proxy
like Tivoli Access Manager (Webseal) - I'm not sure if it supports IHS
or not. You could also achieve it using client certificates.
Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com