WebSphere Message Broker, Version 8.0.0.7
Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS
See information about the latest product version
See information about the latest product version
Creating a module chain in TFIM V6.2
This topic describes how to create a module chain in Tivoli® Federated Identity Manager (TFIM) V6.2.
When you use a WS-Trust v1.3 security token server (STS) for authentication, authorization, or mapping (or any combination of those operations), a single WS-Trust request is made to the trust service with the required parameters, which control the STS processing.
To enable WebSphere® Message Broker to use TFIM V6.2 for authorization, you need to configure TFIM to process the single WS-Trust request from the broker security manager. To configure TFIM, you must create a module chain to handle the request:
- Create a Custom module chain, and ensure that the chain performs all the actions that are specified in the broker security profile (Authenticate, Map, Authorize).
- Set the RequestType, Issuer and AppliesTo properties of the module chain, so that it is invoked for the requests from the security enabled input node or SecurityPEP node. The parameters that are passed by the broker to TFIM are shown in the table in Authentication, mapping, and authorization with TFIM V6.2 and TAM.
If your module chain includes an authorization module, and
if the module specifies TAM, you must configure TAM to process the
authorization requests from TFIM. For more information about how to
do this, see Configuring TAM for authorization using TFIM V6.2.