Question

30
Views
Close popover
RJ Salicco (rjsalicco)
New York Life
Technical Architect
New York Life
US
rjsalicco Member since 2012 1 post
New York Life
Posted: December 3, 2020
Last activity: December 3, 2020

SSO, SPNEGO and IBM WebSphere

Our team is currently working with Pega 8.4.2 and IBM WebSphere and we are implementing SSO using the SPNEGO filter and mechanisms provided by IBM WebSphere. We cannot use the SourceForge SPNEGO filter (as eluded to in Pega web.xml file) because it does not work with the IBM JDK, this is because of settings that are needed that are not supported in the login.conf file rekated to class com.ibm.security.auth.module.Krb5LoginModule. We have a custom Authentication Service that relies on the user's token being available on the Servlet, ie:  

javax.servlet.http.HttpServletRequest request
= (javax.servlet.http.HttpServletRequest)tools.getRequestor().getRequestorPage().getObject("pxHTTPServletRequest");

userName = request.getRemoteUser();

We are seeing the username coming over in the logs but we seem to be missing something in IBM WebSphere or in our Pega code or Pega web.xml to finalize our solution. We met with a people from Pega a few weeks ago and I think we are headed on the right track, we would just like some guidance on how we are doing things with Pega 8.4 and IBM WebSphere.

Pega Platform 8.4.2 Security Insurance System Architect