ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/webserv/wsseccfaid.htm

32 lines
1.8 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Configure identity assertion authentication</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h5><a name="wsseccfaid"></a>Configure identity assertion authentication</h5>
<p>With identity assertion authentication, the client generates a security token, based on user name, distinguished name (DN), or X.509 certificate, and imbeds it in the SOAP message. The server then extracts the token and validates it by using a Java Authentication and Authorization Service (JAAS) login module. For more information about identity assertion, see <a href="wssecidassert.htm">Identity assertion</a> and <a href="wssecidauth.htm">Identity authentication method</a>.</p>
<p>Identity assertion uses a trusted ID evaluator to determine if the name that is provided in the request message is to be trusted. You can use a default trusted ID evaluator, or you can develop your own. For more information, see <a href="wssectrustid.htm">Trusted ID evaluator</a>.</p>
<p><strong>Note:</strong> To use the identity assertion authentication mechanism for Web services, you must configure WebSphere global security. For more information, see <a href="../sec/seccglo.htm">Configure global security</a> in the <em>Security</em> topic.</p>
<p>To configure the identity assertion authentication mechanism for your Web service, perform the following steps:</p>
<ol>
<li><a href="wsseccfidautcl.htm">Configure client identity assertion authentication</a></li>
<li><a href="wsseccfidautsv.htm">Configure server identity assertion authentication</a></li>
</ol>
</body>
</html>