Login bindings configuration settings
Use this page to specify the Java™ Authentication and Authorization Service (JAAS) login configuration settings that are used to validate security tokens within incoming messages.
- com.ibm.wsspi.wssecurity.auth.callback.BinaryTokenCallback
- This implementation is used for generating binary tokens inserted as <wsse:BinarySecurityToken/@ValueType> in the message.
- javax.security.auth.callback.NameCallback and javax.security.auth.callback.PasswordCallback
- This implementation is used for generating user name tokens inserted as <wsse:UsernameToken> in the message.
- com.ibm.wsspi.wssecurity.auth.callback.XMLTokenSenderCallback
- This implementation is used to generate Extensible Markup Language (XML) tokens and is inserted as the <SAML: Assertion> element in the message.
- com.ibm.wsspi.wssecurity.auth.callback.PropertyCallback
- This implementation is used to obtain properties that are specified in the binding file.
- Click .
- Under Modules, click Web Services: Client security bindings. . Under Web Services Security Properties, click
- Under Request Sender Bindings, click Edit.
- Under Additional properties, click Login binding.
If the encryption information is not available, select None.
If the encryption information is available, select Dedicated login binding and specify the configuration in the following fields:
Authentication method
Specifies the unique name for the authentication method.
- BasicAuth
- This method uses both a user name and a password.
- IDAssertion
- This method uses a user name, but it requires that additional trust is established by the receiving server using a trusted ID evaluator mechanism.
- Signature
- This method uses the distinguished name (DN) of the signer.
- LTPA
- This method validates the token.
Callback handler
Specifies the name of the callback handler. The callback handler must implement the javax.security.auth.callback.CallbackHandler interface.
Basic authentication user ID
Specifies the user name for basic authentication. With the basic authentication method, you can define a user name and a password in the binding file.
Basic authentication password
Specifies the password for basic authentication.
Token type URI
Specifies the namespace Uniform Resource Identifiers (URI), which denotes the type of security token that is accepted.
- If binary security tokens are accepted, the value denotes the ValueType attribute in the element. The ValueType element identifies the type of security token and its namespace.
- If Extensible Markup Language (XML) tokens are accepted, the value denotes the top-level element name of the XML token.
- The Token type URI field is ignored if the reserved words, which are listed in the description of the Authentication method field, are specified.
This information is inserted as <wsse:BinarySecurityToken>/ValueType for the <SAML: Assertion> XML token.
Token type local name
Specifies the local name of the security token type. For example, X509v3.
- If binary security tokens are accepted, the value denotes the ValueType attribute in the element. The ValueType element identifies the type of security token and its namespace.
- If Extensible Markup Language (XML) tokens are accepted, the value denotes the top-level element name of the XML token.
- The Token type URI field is ignored if the reserved words, which are listed in the description of the Authentication method field, are specified.
This information is inserted as <wsse:BinarySecurityToken>/ValueType for the <SAML: Assertion> XML token.