IBM Integration Bus, Version 10.0.0.17 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS


X.509 certificate token capabilities for identity mapping

For web services, you can map an identity by using an X.509 certificate token.

The integration node supports Identity mapping from an X.509 certificate token in an incoming SOAP message header to username tokens in the following configurations:

Capability

Policy Enforcement Point (PEP) and direction
  • In (provider)

    Configured with a policy set and binding defining the certificate Authentication.

    Configured with a security profile defining an external Policy Decision Point (PDP); see the PDP section that follows.

Trust Store or PDP Identity mapping is not supported with LDAP, or at outbound nodes.

Username tokens only can be propagated.


ac56470_.htm | Last updated 2019-07-13 08:12:15