1

I have set up the SSO between 2 WAS cells and it's being verified. LDAP is being configured in both WAS cells. My question is how to generate the LTPA token which contains the mail or the employee id in it? In my case the LTPA token generated contains the employee id of the user and I am expecting the email id of the user in the LTPA token at the receiving end. Is there any setting on the WAS console which allows me to set the email id of the user in the generated LTPA token? I have WAS server version 8.5.

4

1 Answer 1

1

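Edit: Sorry, my previous answer was written as if you were creating the LTPA token yourself. Here is what I think the problem is:

You have two cells, and the two cells use different LDAP servers. The principal in cell1's realm is the employee number, while the principal in cell2 is the email address.

Using LTPA for SSO assumes that all cells use the same keys and the same registry or a mirror. The only way you will be able to make it work is to write a custom login module on the target to map the username in the token to the username in the target registry.

Answered 2015-08-06T12:25:23.107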