WebSphere Message Broker, Version 8.0.0.7 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS

See information about the latest product version

X.509 certificate token capabilities for identity mapping

For Web services, you can map an identity by using an X.509 certificate token.

The broker supports Identity mapping from an X.509 certificate token in an incoming SOAP message header to username tokens in the following configurations:

Capability

  • Identity mapping
Policy Enforcement Point (PEP) and direction
  • In (provider)

    Configured with a policy set and binding defining the certificate Authentication.

    Configured with a security profile defining an external Policy Decision Point (PDP); see the PDP section that follows.

Trust Store or PDP Identity mapping is not supported with LDAP, or at outbound nodes.

Username tokens only can be propagated.

Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2016Copyright IBM Corporation 1999, 2016.

        
        Last updated:
        
        Last updated: 2016-05-23 14:46:26


Reference topicReference topic | Version 8.0.0.7 | ac56470_