A web application has a configured session timeout of eight hours and a default LTPA token timeout of two hours. After every two hours, the users have to log in again from their HTTP browser. The system administrator is required to make configuration changed so users only have to log in once, while keeping the above mentioned timeouts the same. The authentication mechanism available is Kerberos.
How should the administrator do this?
In WebSphere Application Server Version 6.1, a trust association interceptor (TAI) that uses the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) to securely negotiate and authenticate HTTP requests for secured resources was introduced. This function was deprecated In WebSphere Application Server 7.0. SPNEGO web authentication has taken its place to provide dynamic reload of the SPNEGO filters and to enable fallback to the application login method.
Currently there are no comments in this discussion, be the first to comment!