Trust Method [Settings]

Defines a trust method used to validate the identity of a trusted intermediary asserting an ID on a downstream message. When a trust method is configured, the security token defined by the caller is expected to contain an identity to be asserted.

To view this page in the console, click the following path:

Service integration -> Web services -> WS-Security configurations -> v1-inbound-config_name -> [Request consumer] Caller -> caller_name -> [Additional Properties] Trust method

Configuration tab

The Configuration tab shows configuration properties for this object. These property values are preserved even if the runtime environment is stopped then restarted. See the information center task descriptions for information about how to apply configuration changes to the runtime environment.

General Properties

Trust any

If Trust any is selected, this consumer trusts all upstream intermediaries. Select it only if you are certain that all upstream intermediaries are trusted. Selecting Trust any automatically overrides all other attributes of this trust method.

If you do not select the Trust any check box, but you specify a value for any other field on this panel, then WS-Security identity assertion is enabled.

Required: No
Data type: Boolean

Name

The name of the trust method.

There are two valid predefined names:
  • BasicAuth (for basic authentication).
  • Signature.

Required: No
Data type: String

Part

Specifies the name of the required integrity or required confidentiality part within the message to be used to validate the intermediary.

Required: No
Data type: Drop-down list

URI

Specifies the URI of the security token to use to validate the intermediary.

If you specify BasicAuth or Signature as the trust method, you do not have to specify this option. If you specify a custom token, enter the URI of the QName for the value type.

Required: No
Data type: String

Local Name

Specifies the local name of the security token to use to validate the intermediary.

If you enter a value in the Local Name field, you must define a trusted ID evaluator for the token consumer that is associated with this token.

WebSphere® Application Server has the following predefined local name value types:
  • BasicAuth: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken
  • Signature: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3

Attention:
  • If you enter one of the predefined local name value types, you can leave the URI field blank. For example, to specify "BasicAuth", enter http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken in the Local Name field and do not enter a value in the URI field.
  • If you specify a custom value type for a custom token, you must specify the local name and the URI of the qualified name (QName) of the value type. For example, you might enter Custom in the Local Name field, and http://www.ibm.com/custom in the URI field.

Required: No
Data type: String

Additional Properties

Properties
Properties associated with the trust method.
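
The field rules on this panel can be checked mechanically when a configuration is reviewed. The following is an added example, not IBM code: the dictionary keys, the audit_trust_method function and the severity labels are assumptions made for illustration, and the settings are supplied by hand rather than read from the server.

```python
# Added example (not IBM code). Dict keys mirror the panel labels; the layout
# and the severity labels are assumptions for illustration.
WSS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-"
USERNAME_TOKEN = WSS + "username-token-profile-1.0#UsernameToken"
X509V3 = WSS + "x509-token-profile-1.0#X509v3"
PREDEFINED_LOCAL_NAMES = {USERNAME_TOKEN, X509V3}
PREDEFINED_NAMES = {"BasicAuth", "Signature"}


def audit_trust_method(tm, has_trusted_id_evaluator=False):
    """Return (mode, findings) for one trust method's settings."""
    fields = {k: (tm.get(k) or "").strip()
              for k in ("name", "part", "uri", "local_name")}
    findings = []

    if tm.get("trust_any"):
        # Trust any overrides every other attribute, so report what it masks.
        findings.append("HIGH: Trust any selected; all upstream intermediaries are trusted")
        masked = sorted(k for k, v in fields.items() if v)
        if masked:
            findings.append("INFO: overridden by Trust any: " + ", ".join(masked))
        return "trust-any", findings

    if not any(fields.values()):
        # No field set: the panel's condition for identity assertion is not met.
        return "unset", findings

    name, uri, local = fields["name"], fields["uri"], fields["local_name"]
    if local:
        if not has_trusted_id_evaluator:
            findings.append("ERROR: Local Name set, but the token consumer has no trusted ID evaluator")
        if local not in PREDEFINED_LOCAL_NAMES and not uri:
            findings.append("ERROR: custom value type needs both Local Name and URI")
    elif uri and name not in PREDEFINED_NAMES:
        findings.append("ERROR: URI given without a Local Name for a custom token")
    return "identity-assertion", findings


if __name__ == "__main__":
    # Constructed sample settings, not taken from a real server.
    samples = [
        {"trust_any": True, "name": "Signature"},
        {"local_name": USERNAME_TOKEN},
        {"local_name": "Custom"},
        {"local_name": "Custom", "uri": "http://www.ibm.com/custom"},
    ]
    for s in samples:
        print(s, "->", audit_trust_method(s, has_trusted_id_evaluator=True))
```

A trust-any result is the one to escalate in review, because the remaining fields on the panel no longer constrain which intermediaries are accepted.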






Last updated: Sep 19, 2011 5:16:49 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-base-iseries&topic=ReqConTrustMethod_DetailForm
File name: ReqConTrustMethod_DetailForm.html