IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

MFA for WebSphere Portal application protected by WebSeal

  • 1.  MFA for WebSphere Portal application protected by WebSeal

    Posted Tue February 22, 2022 03:30 PM
     
    We are trying to implement MFA for Custom Websphere Portal application protected by Webseal.  Currerntly Authentication is implemented with regular username/password. Custom Login page is served by portal and user's username/password details are submitted with pkmslogin form to webseal and validated.

    Right now we want to change the login process to be multi-factor authentication (MFA). The first step of user authentication is regular WebSEAL username/password authentication, and the second step would be with TOTP by email. 


    currently all the pages are served by portal. Once username/password is validated, TOTP should be generated and send it to the user through email. TOTP should be validated once submitted.  


    How do I seamlessly force the user to complete the AAC authentication policy after username/password login?

     Please advice 

     
    Thanks
    Dev