You may need to configure the security server to function with the toolkit server. In the case of WebSEAL, set the following parameters in the webseald.conf configuration file:
use-same-session = yes ba-auth = both or ba-auth = http
When creating the Junction, set the following parameters:
Junction type: tcp Junction name: <context root for the web application>
Setting the context root for the application in the Junction name parameter is only required when WebSphere Application Server is managing the client session (the cookies parameter is set to true.) Setting it to the context root prevents path problems. Otherwise, if the toolkit is managing the session internally, you can set the Junction name parameter to any value.