Creating custom security tokens for Web services security using the GenericSecurityTokenFactory SPIs

Use the GenericSecurityTokenFactory SPIs to create custom security tokens for use by the WS-Security runtime. These security tokens can be used for, but are not be limited to, WSSAPIs, JAAS login modules, and custom security tokens.

About this task

The GenericSecurityTokenFactory provides several SPIs to create custom tokens that can be emitted with the GenericIssuedTokenGenerateLoginModule or as a custom security token.

A custom security token that is created with the GenericSecurityTokenFactory is the complete form of a security token that can be emitted by the WS-Security run time. You do not have to write an emitter or receiver, such as writeExternal or readExternal, for the token you create using these SPIs. Only two pieces of information are required:
  • The token element, which is either Axiom or w3c.dom implementation
  • The value type

In the following steps, the custom token being created is a UsernameToken. We selected this token as the custom token to create because it is a well-known form, and has a good mix of elements, sub-elements, and attributes. To determine the methods you need to use to build your own custom tokens, look at the XML for a UsernameToken, and match up that XML with what is being done in the methods included in one of the following steps.

Procedure




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Jan 30, 2014 9:17:32 AM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-nd-iseries&topic=twbs_createcustomtokens
File name: twbs_createcustomtokens.html