I'm developing a smartphone app to run under iOs, which will call Websphere OpenSCA components, via Web Service bindings. I want to protect the Web Services using an LTPA token in a WSSE-Security binaryToken.
The client wants to have users sign on with a customer id (8 digits) and 3-of-6 PAC digits.
I was thinking of writing a WAS TAI to handle the authentication, but I'm not sure if I can then obtain an LTPA token, and send it back to the iOS app, where it would be used as part of follow on Web Service calls, as described above.
Does anyone have any ideas, or advice on how I might proceed?
Cheers, Con
Please check this. The TAI itself does not generate the LTPA token, but it creates the TAIResult which will be used by WebSphere to build the LTPA token. I expect you need to have an endpoint that you protect using the TAI or where the TAI will listen too (TAI will be called on all non authenticated requests to protected resources by default, but you could add logic in the TAI to only listen to specific end points
http://www.ibm.com/developerworks/websphere/techjournal/0508_benantar/0508_benantar.html