Required security token [Settings]
Specifies accepted stand-alone security tokens within a consumed message. Stand-alone security tokens are those not already used for signature or encryption. Defining a required security token means that messages containing a token of that type will be processed according to the usage assertion. The security token will not be used for authentication unless it is also specified within a caller.
To view this page in the console, click the following path:
.
Configuration tab
The Configuration tab shows configuration properties for this object. These property values are preserved even if the runtime environment is stopped then restarted. See the information center task descriptions for information about how to apply configuration changes to the runtime environment.
General Properties
Name
The name of the security token.
Information | Value |
---|---|
Required | Yes |
Data type | String |
URI
Specifies the namespace URI of the security token.
This is the namespace Uniform Resource Identifier (URI) of the security token within the consumed message.
If you specify a Username token or X.509 certificate security token, you do not have to specify a URI. If you specify a custom token, enter the URI of the QName for the value type. If you specify Lightweight Third Party Authentication (LTPA), enter the following WebSphere® Application Server predefined value type URI: http://www.ibm.com/websphere/appserver/tokentype/5.0.2. If you specify Lightweight Third Party Authentication propagation (LTPA_PROPAGATION), enter the following WebSphere Application Server predefined value type URI: http://www.ibm.com/websphere/appserver/tokentype.
Information | Value |
---|---|
Required | No |
Data type | String |
Local name
Specifies the local name of the security token.
- Username token
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken
- X509 certificate token
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
- # X509 certificates in a PKIPath
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1
- A list of X509 certificates and CRLs in a PKCS#7
- http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#PKCS7
- LTPA
- For Lightweight Third Party Authentication, the local name value type is LTPA.
- LTPA_PROPAGATION
- For Lightweight Third Party Authentication token propagation, the local name value type is LTPA_PROPAGATION.
- If you enter LTPA in the Local name field, you must also specify the URI value http://www.ibm.com/websphere/appserver/tokentype/5.0.2 in the URI field.
- If you enter LTPA_PROPAGATION in the Local name field, you must also specify the URI value http://www.ibm.com/websphere/appserver/tokentype in the URI field.
- If you enter any of the other predefined local name value types, you can leave the URI field blank. For example, to specify "Username token", enter http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken in the Local name field and do not enter a value in the URI field.
- If you specify a custom value type for a custom token, you must specify the local name and the URI of the Quality name (QName) of the value type. For example, you might enter Custom in the Local name field, and http://www.ibm.com/custom in the URI field.
Information | Value |
---|---|
Required | Yes |
Data type | String |
Usage
Indicates the assertion of the required security token constraint.
Information | Value |
---|---|
Required | Yes |
Data type | drop-down list |
Range |
|