The fifth and final step in implementing basic authentication is
to create a token consumer for the request message to be received by the export.
The token consumer receives the security token in the request message and
validates it.
To create a token consumer for the request message:
- If the module deployment editor is closed, open it by completing
the following steps:
- In the Business Integration view, select
the module that contains your Web services export, as shown in the following
figure:

- Right-click the selected module and select Open Deployment
Editor. The module deployment editor opens.
- Click the Export WS-Security tab.
- Click the Binding Configurations tab. The
Web Services Binding Configurations page opens, as shown in the following
figure:

- In the Port Component Binding section, complete
the following steps:
- In the Web service description binding drop-down
list, select the Web service description binding corresponding to your Web
Service export's service name. For example, in the above figure, the Web service
description binding ServerInterfaceExport1_ServerInterfaceHttpService is
selected.
- In the list of port component bindings, select the port component
binding that you want to use for the Web service description binding that
you selected. The port component binding comes from the port name of your
Web service export. For example, in the above figure, the port component binding receiveWebServiceCallFromClient_ServerInterfaceHttpPort is selected.
- Expand the Request Consumer Binding Configuration Details section.
- Expand the Token Consumer subsection.
- Click Add. The Token Consumer dialog box
opens.
- In the Token consumer name field, type a
name for the new token consumer. For example, con_UNtcon.
- In the Token consumer class field, ensure
that the com.ibm.wsspi.wssecurity.token.UsernameTokenConsumer class
is selected.
- In the Security token drop-down list, select
the name of the security token that you created on the Extensions page.
For example, reqUNToken.
- Ensure that the Use value type check box
is selected.
- In the Value type field, ensure that Username
Token is selected.
- In the Local name field, ensure that the
local name http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken is
specified.
- Select the Use jaas.config check box to
have the security token in the import's request message validated
- In the jaas.config name field, type system.wssecurity.UsernameToken.
This is the default JAAS configuration name for username tokens and it causes
a username token to be validated with a user name and password. The Token
Consumer dialog box should now resemble the following figure:

- Click OK. The new token consumer con_UNtcon is
displayed, as shown in the following figure:

- Press Ctrl-S to save your changes.
After you have added a token consumer, you have essentially finished
the implementation of basic authentication for your application. You may want
to test your implementation by using the integration test client, as described
in the topic "Testing authentication using the integration test client."