Can WebSphere Full Profile scope Requiring Client Certificate authentication to certain paths?

I would like to know whether WebSphere Full Profile (8.5.5.x or 9.x) has any capability to make the SSL Settings QoP “Client authentication” Required for **only** a specific path of an application?

The use-case is that a customer wants to use it for mutual authentication of REST APIs, but not require it for a user interface application that users log in to using a totally different authentication method. Both applications are deployed in the same .ear file.

Currently it appears that the configuration of Client authentication is done at the Cell or Node level through https://www.ibm.com/support/knowledgecenter/en/SSAW57_9.0.0/com.ibm.websphere.nd.multiplatform.doc/ae/csec_ssl_clientauth.html

Related:

  • No Related Posts

Does an IIB fix pack has to be installed over an existing version of IIB, or can I use it for a fresh installation?

Does an IIB fix pack has to be installed over an existing version of IIB, or can I use it for a fresh installation?

For example, does IIB 10.0.0.11 has to be installed over an existing IIB 10.0.0.x installation, or can I just directly fresh install 10.0.0.11?

Regards
Charles

This dW Answers question is about an IBM document with the Title:
IBM Integration Bus V10.0 – Fix Pack 10.0.0.11

Related:

  • No Related Posts