WebSphere Message Broker, Version 8.0.0.7
Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS
See information about the latest product version
See information about the latest product version
Creating a security profile for TFIM V6.1
You can create a security profile for Tivoli® Federated Identity Manager (TFIM) V6.1 for any combination of the following functions: authentication, authorization, and mapping. You can use either the mqsicreateconfigurableservice command or an editor in the WebSphere® Message Broker Explorer to create the security profile.
Note: Support for TFIM V6.1 is included for compatibility
with previous versions of WebSphere Message
Broker.
If possible, upgrade to TFIM V6.2 and follow the instructions in Creating a security profile for WS-Trust V1.3 (TFIM V6.2).
Creating a profile using mqsicreateconfigurableservice
To create a security profile that uses TFIM V6.1, you can use the mqsicreateconfigurableservice command by setting the configuration parameter to the URL of the TFIM server. For example: http://tfimserver.mycompany.com:9080
To create a security profile that uses TFIM V6.1 for mapping,
enter the following command:
mqsicreateconfigurableservice brokername -c SecurityProfiles -o profilename
-n mapping,mappingConfig -v TFIM,http://tfimserver.mycompany.com:9080
If
the URL specifies an address beginning with https://,
an SSL secured connection is used for requests to the TFIM server.
For example, to create a security profile that uses an HTTPS connection
to TFIM for mapping, enter the following command:
mqsicreateconfigurableservice brokername -c SecurityProfiles -o profilename
-n mapping,mappingConfig -v TFIM,https://tfimserver.mycompany.com:9443
where https://tfimserver.mycompany.com:9443 is
the address of the TFIM server.If TFIM is selected for more than one operation (for example, for authentication and mapping), the TFIM server URL must be identical for all the operations, and is therefore specified only once.
The following example creates
a security profile that uses TFIM for authentication, mapping, and
authorization:
mqsicreateconfigurableservice MYBROKER -c SecurityProfiles -o TFIM
-n authentication,mapping,authorization,propagation,mappingConfig
-v TFIM,TFIM,TFIM,TRUE,http://tfimhost1.ibm.com:9080
Creating a profile for TFIM V6.1 using the WebSphere Message Broker Explorer
You can use the WebSphere Message Broker Explorer to
create a security profile for using TFIM V6.1.