See information about the latest product version
Policy Sets and Policy Set Bindings editor: Authentication and Protection Tokens panel
Use this panel, which is in the Policy Set Bindings section of the editor, to further configure any X.509 authentication tokens defined in the associated policy set.
Fields
The table is prefilled, based on the following criteria
- Whether any X.509 authentication tokens exist in the associated policy set.
- Whether the SOAP message type of the authentication token is request or response.
- Whether this policy set binding is defined as being a consumer or provider.
Each authentication token identified as requiring further information is added to the table. An authentication token can require one of two types of additional information:
- Key information in the form of a key name and key alias, for lookup in the broker keystore.
- Verification information, which can be either TrustAny or TrustStore.
Authentication X.509 tokens | |||||
---|---|---|---|---|---|
Policy set configuration | Policy set bindings configuration | SOAP message | Key information | Key password | Verification information |
request | provider | inbound | N/A | N/A | required |
response | provider | outbound | required | required | N/A |
request | consumer | outbound | required | required | N/A |
response | consumer | inbound | N/A | N/A | required |
Where N/A is displayed in a field, no information is required. Where an authentication token is displayed, enter information in all fields that do not display N/A, so that the policy set binding can be generated correctly in accordance with the associated policy set.
Configure the broker to refer to a keystore and truststore. You might also need to configure passwords for these stores, and specific key passwords. See Viewing and setting keystore and truststore runtime properties at broker level for further information.
Field name | Description and valid options |
---|---|
Authentication Token Name | Displays the names of all authentication X.509 tokens that require further configuration. The token name is displayed after either request: or response:, depending on the configuration of the token in the associated policy set. |
Key name | The distinguished name (DN) that uniquely identifies the key in the keystore defined by the broker. For example “CN=CommonName, O=Organisation, C=Country" |
Key Alias | The key alias of the key in the keystore defined by the broker. The broker also uses the key alias to look up the keystore password associated with this key. You define this in the broker using the mqsisetdbparms command. |
Certificates | Either:
|