Configuring an alternative mediation identity for a mediation handler

Use this task to configure an alternative mediation identity for a mediation handler

About this task

By default, a mediation inherits the identity used by the messaging engine. In some cases, you might want to specify an alternative identity for a mediation handler to use. For example, for a single mediation that sends messages to a destination. To do this, you specify a "run-as" identity for the mediation handler at deployment, and map the mediation handler to an identity other than the default mediation identity by using a role name. Follow these steps to specify an alternative mediation identity:

Procedure

  1. Package your mediation handler as an EAR file.
  2. Edit the deployment descriptor file to define the roles. For more information, see Configuring programmatic logins for Java Authentication and Authorization Service.
  3. Assign users to the role. For more information, see Mapping users to RunAs roles using an assembly tool and Securing applications during assembly and deployment.
  4. Deploy the mediation handler in WebSphere® Application Server, and assign users to the RunAs role. For more information, see Assigning users to RunAs roles. You can confirm the mappings of users to roles, add new users and groups, and modify existing information during this step. For more information, see Deploying secured applications.

Example

What to do next

Next, you are ready to authorize mediations to access destinations. For more information, see Administering authorization permissions.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:15
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tjp0027_
檔名:tjp0027_.html