Chapter 4. Configuration and customization 121
򐂰 External authentication interface (EAI)
4.4.1 MPA authentication
Access Manager provides an authentication mechanism for clients using a
multiplexing proxy agent (MPA). This is a special variation of the authentication
with customized HTTP headers that is often used for mobile phones and PDAs,
but is not limited to these devices.
Multiplexing proxy agents are gateways that accommodate multiple client
access. The IBM Everyplace Wireless Gateway (EWG) is an integrated part of
the IBM WebSphere Everyplace Suite that provides security-rich wired and
wireless connectivity between the IT network and the communications network;
for example:
򐂰 Cellular networks, including GSM, CDMA, TDMA, PDC, PHS, iDEN, and
򐂰 Packet radio networks, including GPRS, CDPD, DatatTAC, and Mobitex
򐂰 Satellite and wire environments, including DSL, cable modems, Internet
service providers, ISDN, dial, and LAN
In addition, the Everyplace Wireless Gateway provides protocol translation as a
Wireless Application Protocol (WAP) gateway, information push as a WAP push
proxy gateway, and support for short messaging services (SMS). EWG
establishes a single SSL channel to the origin server and “tunnels” all client
requests and responses through this channel.
To WebSEAL, the information across this channel initially appears as multiple
requests from one client. WebSEAL must distinguish between the authentication
of the MPA server over SSL and the additional authentication requests for each
individual client.
Because WebSEAL maintains an SSL session state for the MPA, it cannot use
SSL session IDs for each client simultaneously. WebSEAL instead authenticates
clients using HTTP authentication techniques over SSL.
If the user is authenticated at the EWG, for example, to a RADIUS Server, then
WebSEAL can be configured to receive an “authenticated ID” from the gateway
and not re-authenticate the user.
WebSEAL has support for the Entrust Proxy and the Nokia WAP gateway.

Get Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0 now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.