Use this page to view a list of configurations for validating
security tokens within incoming messages. Login mappings map an authentication
method to a Java Authentication and Authorization
Service (JAAS) login configuration to validate the security token.
Four authentication methods are predefined in the WebSphere® Application
Server: BasicAuth, Signature, IDAssertion,
and Lightweight Third Party Authentication (LTPA).
Important: There is an important distinction between Version
5.x and Version 6 and later applications. The information supports
Version 5.x applications only that are used with WebSphere Application Server Version 6.0.x and
later. The information does not apply to Version 6.0.x and
later applications. Version 5.x applications are based on Java 2 platform, Enterprise Edition
(J2EE) 1.3.
To view this administrative console page for the server level,
complete the following steps:
- Click .
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere
Application Server version 6.1 or earlier, click
Web services:
Default bindings for Web Services Security.
mixv
- Under Additional properties, click Login mappings.
- Click either New to create a new login mapping configuration
or click the name of an existing configuration.
To view this administrative console page for the application level,
complete the following steps:
- Click .
- Under Modules, click .
- Under Web Services Security properties, click Web services:
Server security bindings.
- Click Edit under Request receiver binding.
- Click Login mappings.
If you click
Update runtime, the Web Services
Security run time is updated with the default binding information,
which is contained in the
ws-security.xml file
that was previously saved. After you specify the authentication method,
the JAAS configuration name, and the Callback Handler Factory class
name on this panel, you must complete the following steps:
- Click Save in the messages section at the
top of the administrative console.
- Click Update runtime. When you click Update
runtime, the configuration changes made to the other web
services also are updated in the Web Services Security run time.
Important: If the login mapping configuration is not found
on the application level, the web services run time searches for the
login mapping configuration on the server level.