Use this task to configure an alternative mediation identity for
a mediation handler
About this task
By default, a mediation inherits the identity used by the messaging engine.
In some cases, you might want to specify an alternative identity for a mediation
handler to use. For example, for a single mediation that sends messages to
a destination. To do this, you specify a "run-as" identity for the mediation
handler at deployment, and map the mediation handler to an identity other
than the default mediation identity by using a role name. Follow the steps below
to specify an alternative mediation identity:
Procedure
- Package your mediation handler as an EAR file.
- Edit the deployment descriptor file to define the roles. For more
information, see Configuring programmatic logins for Java Authentication and Authorization Service.
- Assign users to the role. For more information, see Mapping users to RunAs roles using an assembly tool and Securing applications during assembly and deployment.
- Deploy the mediation handler in WebSphere® Application Server, and
assign users to the RunAs role. For more information, see Assigning users to RunAs roles. You can confirm
the mappings of users to roles, add new users and groups, and modify existing
information during this step. For more information, see Deploying secured applications.
Example