Web services security service provider programming interfaces

Several Service Provider Interfaces (SPIs) are provided to extend the capability of the Web services security runtime.

About this task

Important: There is an important distinction between Version 5.x and Version 6 and later applications. The information in this article supports Version 5.x applications only that are used with WebSphere Application Server Version 6.0.x and later. The information does not apply to Version 6.0.x and later applications.

The following list contains the SPIs that are available for WebSphere Application Server:

Procedure

What to do next

The JAAS LoginModule API is used for token validation on the request receiver side of the message. You can implement a custom LoginModule API to perform validation of the custom token on the request receiver of the message. After the token is verified and validated, the token is set as the caller and then run as the identity in the WebSphere Application Server runtime. The identity is used for authorization checks by the containers before a Java 2 Platform, Enterprise Edition (J2EE) resource is invoked. The following list presents the default AuthMethod configurations provided by WebSphere Application Server:
BasicAuth
Validates a user name token.
Signature
Maps the distinguished name (DN) of a verified certificate to a Java Authentication and Authorization Service (JAAS) subject.
IDAssertion
Maps a trusted identity to a JAAS subject.
LTPA
Validates an LTPA token that is received in the message and creates a JAAS subject.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 6:22:59 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-express-dist&topic=twbs_wssecapi
File name: twbs_wssecapi.html