Configure the service to require message layer authentication
by attaching the LTPA WSSecurity default policy set. To
attach the LTPA WSSecurity default policy set, perform the task, mapping
abstract intent to policy sets and policy management.
In addition
to attaching the policy set, you must configure the WS-Security policy
to add a caller binding in order for the received subject to be propagated
to the thread. To update the default binding to support the caller
function, open the administrative console and navigate to >
Provider sample
> WS-Security > Callers. Create a new Caller with the
following values:
Name: Specify any name for this configuration
Caller identity local part: LTPAv2
Caller identity namespace URI: http://www.ibm.com/websphere/appserver/tokentype
For additional information on LTPA WSSecurity
default policy set review the topic, WSSecurity default policy sets.
Read also the article about configuring the WS-Security policy.
The
following code is an example of configuring the service to support
LTPA authentication.
<service name="AccountService">
<binding.ws
qos:wsPolicySet="LTPA WSSecurity default" qos:wsServicePolicySetBinding="Provider sample"
... />
</service>