Overview of IBM DataPower NTLM Job Support:
WebSphere Application Server and the other IBM products that run on WebSphere Application Server, such as WebSphere Portal, do not currently support NTLM (NT LAN Manager). Both IBM and Microsoft do support Basic Authentication, Mutual Authentication, and the use of SAML or Kerberos in some form, depending on the application of the protocol being used.
Further, WebSphere Application Server has no plans to support NTLM, given the technical challenges and limitations around developing a complete solution using NTLM. In brief, NTLM is a closed Microsoft HTTP transport and security protocol that provides authentication, integrity, and confidentiality for web applications running on the Microsoft platform, and it is designed to work only within a Microsoft networking environment. Microsoft has also published a statement that it no longer recommends using NTLM.
Microsoft does offer other standards-based HTTP transport options as alternatives to NTLM, such as Basic Authentication, Mutual Authentication, Kerberos, and SAML, all of which provide multi-platform interoperability and are supported by WebSphere Application Server.
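When planning a move from NTLM to one of these alternatives, it helps to know which clients still send NTLM over HTTP. The following is an added example, not code from the original page or from IBM or Microsoft: it classifies HTTP Authorization header values as Basic, NTLM (bare or wrapped in SPNEGO) or SPNEGO without NTLM. The function names and the sample headers are constructed for illustration.

```python
import base64
import binascii
from collections import Counter

NTLMSSP_SIGNATURE = b"NTLMSSP\x00"  # every NTLM message starts with this
NTLM_MESSAGE_TYPES = {1: "negotiate", 2: "challenge", 3: "authenticate"}


def classify_authorization(header_value):
    """Return (mechanism, detail) for one HTTP Authorization header value."""
    scheme, _, token = header_value.strip().partition(" ")
    scheme = scheme.lower()
    if scheme == "basic":
        return ("basic", "credentials are only base64-encoded; require TLS")
    if scheme not in ("ntlm", "negotiate"):
        return ("other", scheme)
    try:
        blob = base64.b64decode(token.strip(), validate=True)
    except (binascii.Error, ValueError):
        return ("malformed", scheme)
    # NTLM can be sent bare or wrapped inside a SPNEGO token, so search for it.
    idx = blob.find(NTLMSSP_SIGNATURE)
    if idx >= 0 and len(blob) >= idx + 12:
        msg_type = int.from_bytes(blob[idx + 8:idx + 12], "little")
        kind = NTLM_MESSAGE_TYPES.get(msg_type, "unknown")
        wrapped = " wrapped in SPNEGO" if idx > 0 else ""
        return ("ntlm", f"NTLMSSP {kind} message{wrapped}")
    # 0x60 opens a GSS-API initial token, 0xa1 a SPNEGO response token.
    if scheme == "negotiate" and blob[:1] in (b"\x60", b"\xa1"):
        return ("spnego", "GSS-API/SPNEGO token without NTLMSSP, typically Kerberos")
    return ("unrecognized", scheme)


def summarize(headers):
    """Count mechanisms across many header values (e.g. from a proxy log)."""
    return dict(Counter(classify_authorization(h)[0] for h in headers))


def _b64(raw):
    return base64.b64encode(raw).decode("ascii")


# Constructed sample values, not captured traffic.
SAMPLE_HEADERS = [
    "Basic " + _b64(b"alice:example-password"),
    "NTLM " + _b64(NTLMSSP_SIGNATURE + (1).to_bytes(4, "little") + b"\x07\x82\x08\xa2"),
    "Negotiate " + _b64(b"\x60\x82\x01\x00\x06\x06\x2b\x06\x01\x05\x05\x02"),
    "Negotiate " + _b64(b"\x60\x40" + bytes(6) + NTLMSSP_SIGNATURE + (3).to_bytes(4, "little")),
]

if __name__ == "__main__":
    print(summarize(SAMPLE_HEADERS))
```

A "Negotiate" header alone does not prove Kerberos is in use, which is why the classifier inspects the decoded token instead of trusting the scheme name.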
When using the WS-Security standards, both Microsoft .NET and WebSphere Application Server applications can use the HTTP transport authentication options above. They can also support SOAP message authentication based on the WS-Security standards, such as UsernameToken, Kerberos tokens, SAML tokens, and authentication based on X.509.
In addition, both Kerberos and SAML support the ability to flow either the server identity or the client identity to a SOAP-based web service provider. It is also worth noting that the WS-Security OASIS standards body, of which both Microsoft and IBM are voting members, endorses the use of the SAML Web Services Token Profile for WS-Security-based applications.