Trust Method [Settings]

Defines a trust method used to validate the identity of a trusted intermediary asserting an ID on a downstream message. When a trust method is configured, the security token defined by the caller is expected to contain an identity to be asserted.

To view this pane in the console, click the following path:

Service integration > Web services > WS-Security configurations > [Content Pane] v1-inbound-config_name > [Request consumer] Caller > [Content Pane] caller_name > [Additional Properties] Trust method .

Configuration tab

Configuration properties for this object. These property values are preserved even if the runtime environment is stopped then restarted. See the information center task descriptions for information about how to apply configuration changes to the runtime environment.

General properties

Trust any

If trust any is selected then all upstream intermediaries will be trusted by this consumer. This should only be selected if you are certain that all upstream intermediaries are trusted. Selecting trust any will automatically override all other attributes of this trust method.

Required No
Data type Check box

Name

The name of the trust method.

There are two valid predefined names:
  • BasicAuth (for basic authentication).
  • Signature.
Required No
Data type Text

Part

Specifies the name of the required integrity or required confidentiality part within the message to be used to validate the intermediary.

Required No
Data type drop-down list

URI

Specifies the URI of the security token to use to validate the intermediary.

If you specify BasicAuth or Signature as the trust method, you do not need to specify this option. If you specify a custom token, enter the URI of the QName for the value type.

Required No
Data type Text

Local Name

Specifies the local name of the security token to use to validate the intermediary.

WebSphere® Application Server has the following predefined local name value types:
BasicAuth
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken
Signature
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509
Attention:
  • If you enter one of the predefined local name value types, you can leave the URI field blank. For example, to specify "BasicAuth", enter http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken in the Local name field and do not enter a value in the URI field.
  • If you specify a custom value type for a custom token, you must specify the local name and the URI of the Quality name (QName) of the value type. For example, you might enter Custom in the Local name field, and http://www.ibm.com/custom in the URI field.
Required No
Data type Text

Additional properties

Properties
Properties associated with the trust method.



Reference topic    

Terms of Use | Feedback

Last updated: Feb 19, 2011 5:25:36 AM CST
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=v610web&product=was-nd-mp&topic=ReqConTrustMethod_DetailForm
File name: ReqConTrustMethod_DetailForm.html