Decision Management (ODM,ADS)

Hi There,

I am currently working on implementing mTLS (Mutual TLS) within an IBM Operational Decision Manager (ODM) environment, with WebSphere as the application server. My goal is to replace the traditional user/password authentication with certificate-based login using mTLS to secure communication between clients and the ODM server.

Hi Kishan,

which ODM version are you using or considering ? When you say WebSphere, are you referring to traditional WAS (no more supported in ODM 8.12 and higher due to the move to Java version > 8 ) or Liberty ?

Thanks

Hi There,

I am currently working on implementing mTLS (Mutual TLS) within an IBM Operational Decision Manager (ODM) environment, with WebSphere as the application server. My goal is to replace the traditional user/password authentication with certificate-based login using mTLS to secure communication between clients and the ODM server.

Hi Antony,

We are working with ODM 8.12 and 9.0, both on Liberty server.

Thanks!

Hi Kishan,

which ODM version are you using or considering ? When you say WebSphere, are you referring to traditional WAS (no more supported in ODM 8.12 and higher due to the move to Java version > 8 ) or Liberty ?

Thanks

Hi There,

I am currently working on implementing mTLS (Mutual TLS) within an IBM Operational Decision Manager (ODM) environment, with WebSphere as the application server. My goal is to replace the traditional user/password authentication with certificate-based login using mTLS to secure communication between clients and the ODM server.

Hello Kishan,

To configure the certificate authentication on liberty, you can follow :

• liberty documentation https://www.ibm.com/docs/en/was-liberty/base?topic=scl-configuring-your-web-application-server-client-certificate-authentication
• ODM documentation https://www.ibm.com/docs/en/odm/8.12.0?topic=services-protecting-decision-basic-authentication

Now, the problem you will face if you are replacing entirely the user/password authentication by a certificate authentication is you will have no way to identify who is logging neither what ODM roles you can provide to this authentication. But, perhaps it doesn't matter in your use-case ?

BR,

Mathias

Hi Antony,

We are working with ODM 8.12 and 9.0, both on Liberty server.

Thanks!

Hi Kishan,

which ODM version are you using or considering ? When you say WebSphere, are you referring to traditional WAS (no more supported in ODM 8.12 and higher due to the move to Java version > 8 ) or Liberty ?

Thanks

Hi There,

I am currently working on implementing mTLS (Mutual TLS) within an IBM Operational Decision Manager (ODM) environment, with WebSphere as the application server. My goal is to replace the traditional user/password authentication with certificate-based login using mTLS to secure communication between clients and the ODM server.

Hi Mathias,
Thank you for your comment and support!

I have successfully configured Mutual TLS (MTLS) for our application, and it is currently applied globally. However, I am now working on restricting MTLS to a specific REST API endpoint only.

I would appreciate any guidance or best practices you can share on how to achieve this configuration.

Looking forward to your support.

Hello Kishan,

To configure the certificate authentication on liberty, you can follow :

• liberty documentation https://www.ibm.com/docs/en/was-liberty/base?topic=scl-configuring-your-web-application-server-client-certificate-authentication
• ODM documentation https://www.ibm.com/docs/en/odm/8.12.0?topic=services-protecting-decision-basic-authentication

Now, the problem you will face if you are replacing entirely the user/password authentication by a certificate authentication is you will have no way to identify who is logging neither what ODM roles you can provide to this authentication. But, perhaps it doesn't matter in your use-case ?

BR,

Mathias

Hi Antony,

We are working with ODM 8.12 and 9.0, both on Liberty server.

Thanks!

Hi Kishan,

which ODM version are you using or considering ? When you say WebSphere, are you referring to traditional WAS (no more supported in ODM 8.12 and higher due to the move to Java version > 8 ) or Liberty ?

Thanks

Hi There,

I am currently working on implementing mTLS (Mutual TLS) within an IBM Operational Decision Manager (ODM) environment, with WebSphere as the application server. My goal is to replace the traditional user/password authentication with certificate-based login using mTLS to secure communication between clients and the ODM server.