Use this panel, which is in the Policy Set Bindings section of the editor, to further configure any X.509 authentication tokens and username tokens that are defined in the associated policy set.
The table is prefilled, based on the following criteria
Each authentication token identified as requiring further information is added to the table. An authentication token can require one of two types of additional information:
Authentication X.509 tokens | |||||
---|---|---|---|---|---|
Policy set configuration | Policy set bindings configuration | SOAP message | Key information | Key password | Verification information |
request | provider | inbound | N/A | N/A | required |
response | provider | outbound | required | required | N/A |
request | consumer | outbound | required | required | N/A |
response | consumer | inbound | N/A | N/A | required |
Where N/A is displayed in a field, no information is required. Where an authentication token is displayed, enter information in all fields that do not display N/A, so that the policy set binding can be generated correctly in accordance with the associated policy set.
Configure the integration node to refer to a keystore and truststore. You might also need to configure passwords for these stores, and specific key passwords. See Viewing and setting keystore and truststore runtime properties at integration node level for further information.
Field name | Description and valid options |
---|---|
Authentication Token Name | Displays the names of all authentication X.509 tokens that require further configuration. The token name is displayed after either request: or response:, depending on the configuration of the token in the associated policy set. |
Key Name | The distinguished name (DN) that uniquely identifies the key in the keystore defined by the integration node. For example "CN=CommonName, O=Organisation, C=Country" |
Key Alias | The key alias of the key in the keystore defined by the integration node. The integration node also uses the key alias to look up the keystore password associated with this key. You define this in the integration node using the mqsisetdbparms command. |
Trust | Either:
|
Authentication username tokens | |
---|---|
Field name | Description and valid options |
Authentication Token Name | Displays the names of all authentication username tokens that require further configuration. The token name is displayed after either request: or response:, depending on the configuration of the token in the associated policy set. |
Add Timestamp | Specifies whether a timestamp is added to the outbound username token field. This option is applicable only to consumer bindings. |
Add Nonce | Specifies whether a nonce is added to the outbound username token field. This option is applicable only to consumer bindings. |
Password Digest | Specifies whether a digest form of the password, instead of the plain text form of the password, is created. This option is applicable only to consumer bindings. |