Login mappings collection
Use this page to view a list of configurations for validating security
tokens within incoming messages. Login mappings map an authentication method
to a Java Authentication and Authorization Service (JAAS) login configuration
to validate the security token. Four authentication methods are predefined
in the WebSphere Application Server: BasicAuth, Signature, IDAssertion, and Lightweight Third Party Authentication
(LTPA).
To view this administrative console page, complete the following steps:
- Click Server > Application Servers > server_name.
- Under Additional Properties, click Web Services: Default bindings for
Web Services Security > Login Mappings.
- Click New to create a login mapping or click Delete to delete
a login mapping.
If you click Update runtime, the Web services security run time
is updated with the default binding information, which is contained in the ws-security.xml file
that was previously saved. After you specify the authentication method, the
Java Authentication and Authorization Service (JAAS) configuration name, and
the Callback Handler Factory class name on this panel, you must complete the
following steps:
Click Save at the top of the administrative console. When you click Save,
you return to the administrative console home panel.
Return to the Login Mappings collection panel and click Update runtime.
When you click Update runtime, the configuration changes made to the
other Web services also are updated in the Web services security run time.
- Authentication Method
- Specifies the authentication method used for validating the security
tokens.
The following authentication methods are available:
- BasicAuth
- The basic authentication method includes both a user name and a password
in the security token. The information in the token is authenticated by the
receiving server and used to create a credential.
- Signature
- The signature authentication method sends an X.509 certificate as a security
token. For Lightweight Directory Access Protocol (LDAP) registries, the distinguished
name (DN) is mapped to a credential, which is based on the LDAP certificate
filter settings. For local OS registries, the first attribute of the certificate,
usually the common name (CN) is mapped directly to a user ID in the registry.
- IDAssertion
- The identity assertion method maps a trusted identity (ID) to a WebSphere
Application Server credential. This authentication method only includes a
user name in the security token. An additional token is included in the message
for trust purposes. When the additional token is trusted, the
IDAssertion token user name is mapped to a credential.
- LTPA
- Lightweight Third Party Authentication (LTPA) validates an LTPA token.
- JAAS Configuration Name
- Specifies the name of the Java Authentication and Authorization
Service (JAAS) configuration.
- Callback Handler Factory Class Name
- Specifies the name of the factory for the CallbackHandler class.

BasicAuth authentication method
Identity assertion authentication method
Signature authentication method
Lightweight Third Party Authentication

Login mapping configuration settings
Searchable topic ID:
uwbs_logmap
Last updated: Jun 21, 2007 4:55:42 PM CDT
WebSphere Application Server Network Deployment, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/uwbs_logmap.html