Use this information
to configure trust identity (ID) evaluators.
This administrative console page applies only
to Java API for XML-based RPC (JAX-RPC) applications.
To view this administrative console page for trusted
ID evaluators on the cell level, complete the following steps:
- Click .
- Under
Additional properties, click Trusted ID evaluators.
- Click New to create a trusted ID evaluator
or click the name of an existing configuration to modify its settings.
To view this administrative console page for trusted ID
evaluators
on the server level, complete the following steps:
- Click .
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere
Application Server version 6.1 or earlier, click
Web services:
Default bindings for Web Services Security.
mixv
- Under
Additional properties, click Trusted ID evaluators.
- Click New to create a trusted ID evaluator
or click the name of an existing configuration to modify the settings.
To view this administrative console page
for trusted
ID evaluators on the application level, complete the following steps:
- Click .
- Under Modules, click .
- Under Web Services Security Properties, click Web services:
Server security bindings.
- Under Request receiver binding, click Edit.
- Click Trusted ID evaluators.
- Click New to
create a trusted ID evaluator
or click Delete to delete a trusted ID evaluator.
Important: Trusted
ID evaluators are only required for the request consumer (Version
6.x applications), if identity assertion is configured.
You can specify one of the following options:
- None
- Choose this option if you are not specifying a trusted ID evaluator.
- Existing evaluator definition
- Choose
this option to specify a currently defined trusted ID evaluator.
- Binding evaluator definition
- Choose
this option to specify a new trusted ID evaluator. A description
of the required fields follows.
Specifies the class name of the trusted
ID evaluator.
The specified trusted ID evaluator
class name must implement the com.ibm.wsspi.wssecurity.id.TrustedIDEvaluator
interface. The default TrustedIDEvaluator class is com.ibm.wsspi.wssecurity.id.TrustedIDEvaluatorImpl.
When you use this default TrustedIDEvaluator class, you must specify
the name and the value properties for the default trusted ID evaluator
to create the trusted ID list for evaluation.
To specify the
name and value properties, complete the following
steps:
- Under Additional properties, click .
- Specify the trusted ID evaluator name as a
property name. You
must specify the trusted ID evaluator name in the form, trustedId_n,
where _n is an integer from zero (0) to n.
- Specify the trusted ID as a property value.
For
example:
property name="trustedId_0", value="CN=Bob,O=ACME,C=US"
property name="trustedId_1", value="user1"
If a distinguished
name (DN) is used, the space is removed for comparison.
Default |
com.ibm.wsspi.wssecurity.id.TrustedIDEvaluatorImpl |
See the programming model information in
the documentation for
an explanation of how to implement the com.ibm.wsspi.wssecurity.id.TrustedIDEvaluator interface.