ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/webserv/wsseccfauth.htm

54 lines
3.3 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Configure Web services authentication</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h4><a name="wsseccfauth"></a>Configure Web services authentication</h4>
<p>WebSphere Application Server - Express provides the following authentication mechamisms for Web services:</p>
<ul>
<li>Basic authentication</li>
<li>Identity assertion authentication</li>
<li>Digital signature authentication</li>
<li>Lightweight Third-party Authentication (LTPA)</li>
</ul>
<p>For more information, see <a href="wsseccfauthovr.htm">Authentication method overview</a>.</p>
<p>You must configure a Web service and its clients to use the same authentication mechansim. The client creates a security token in the SOAP message, which is then extracted and validated by the server. For more information, see <a href="wssecovtoken.htm">Security token type overview</a>.</p>
<p>You can configure a Web services server to support multiple authentication mechanisms. Additionally, a server can act as a client to another Web service, so in some cases you may need to configure both server-side and client-side authentication for a Web service application.</p>
<p>The authentication mechanism is configured in the Web service and Web services client deployment descriptors. You can use WebSphere Development Studio Client for iSeries (Version 5.1 or later) or the WebSphere Application Server Toolkit (Version 5.0.2 or later) to configure your deployment descriptors. These topics describe how to configure authentication mechanisms with the Development Studio Client. For more information, see <a href="astk.htm">Configure your Web services application</a>.</p>
<p>See the following topics for information about configuring the various Web services authentication mechanisms:</p>
<blockquote>
<p><strong><a href="wsseccfabasic.htm">Configure basic authentication</a></strong>
<br>The basic authentication mechanism validates a security token with a user ID and text password. See this topic for more information.</p>
<p><strong><a href="wsseccfaid.htm">Configure identity assertion authentication</a></strong>
<br>The identity assertion mechanism validates a security token with an identity name only. The identity name can be a user name, a distinguished name (DN), or an X.509 certificate. See this topic for more information.</p>
<p><strong><a href="wsseccfadigicert.htm">Configure digital signature authentication</a></strong>
<br>The digital signature mechanism uses a digital signature for authentication. See this topic for more information.</p>
<p><strong><a href="wsseccfaltpa.htm">Configure LTPA authentication</a></strong>
<br>The LTPA mechanism uses a binary security token for authentication. See this topic for more information.</p>
</blockquote>
<p>As an alternative to the other, more complex Web services authentication mechanisms, you can use HTTP basic authentication to secure your Web services. For more information, see <a href="wsseccfahttp.htm">Configure HTTP basic authentication</a>.</p>
</body>
</html>