I'm an RSA newbie and just trying to understand how to make our software work with RSA. (If I've posted in the wrong forum, my apologies. Also if this question is already documented/answered somewhere -- in a FAQ perhaps -- please mention with a link.)
Currently, we have a Java application that allows a user to enter their username and password. The application then uses these credentials to access protected URLs over HTTPS/TLS on an Apache web server that is configured to authenticate with a cross-platform LDAP server. The server then returns the appropriate response based on the authorization: 401, 403, 200, etc.
How would this same paradigm worth with RSA? That is, how would the Java application need to be enhanced to allow a user to enter their username and *RSA passcode* to access the protected URLs on the Apache web server? Does the Java application need to support sessions and cookie management? Does the Apache server need the RSA WebAgent?