Configuring strong authentication with smart cards

Smart card authentication is appropriate for deployments where security requirements dictate stronger authentication than using a Rational® ClearQuest® user name and password.

Authentication through a user certificate can be more secure than using a user name and password because it enables two-factor authentication. For example, you can configure smart card authentication for Rational ClearQuest Web such that the user must use a smart card and a PIN to gain access to the web application. As another example, you can store a user certificate on a smart card that requires fingerprint biometric tests to access the certificate.

This section presents the high-level architecture of the smart-card-authentication feature in Rational ClearQuest Web and describes the associated server configuration tasks.

  1. Prerequisites for smart card configuration
    You must complete the following steps before you configure and enable smart card support.
  2. Architecture of smart card authentication
    The high-level architecture components that comprise the Rational ClearQuest Web smart card authentication feature include the smart card middleware, IBM® HTTP Server, and WebSphere® Application Server.
  3. Configuring WebSphere Application Server
    Configuring WebSphere Application Server security to support smart cards includes configuring client authentication, configuring the LDAP registry, configuring the LDAP client certificate filter, configuring the certificate authority, configuring the certificate revocation list, and securing WebSphere Application Server.
  4. Configuring Rational ClearQuest Web
    Configuring Rational ClearQuest Web includes configuring client certification authentication, mapping users to LDAP groups, configuring container authentication, and configuring LDAP for Rational ClearQuest databases.
  5. Troubleshoot smart card configuration issues
    This topic provides troubleshooting information for configuring smart card support.
Parent topic: Administering Rational ClearQuest Web