Configuring the server to handle identity assertion authentication
The purpose of identity assertion is to assert the authenticated identity of the originating client from a web service to a downstream web service. You can configure identity assertion authentication for the server. Do not attempt to configure identity assertion from a pure client.
About this task
For the downstream web service to accept the identity of the originating client (user name only), you must supply a special trusted BasicAuth credential that the downstream web service trusts and can authenticate successfully. You must specify the user ID of the special BasicAuth credential in a trusted ID evaluator on the downstream web service configuration. For more information on trusted ID evaluators, see Trusted ID evaluator. The server side passes the special BasicAuth credential into the trusted ID evaluator, which returns true or false that this ID is trusted. After it is trusted, the user name of the client is mapped to the credential, which is used for authorization.
Complete the following steps to configure the server to handle identity assertion authentication information:
Procedure
What to do next
After you specify how the server handles identity assertion authentication information, you must specify how the server validates the authentication information. See the task for configuring the server to validate identity assertion authentication information.