Configurations that support identity propagation

A range of products and network topologies support identity propagation.

Products that support identity propagation

The following IBM® products support identity propagation:

Network topology for using identity propagation

Identity propagation is supported only on IPIC connections to CICS configured with SSL.

For more information about the topologies that are supported by CICS Transaction Gateway, see Deployment topologies.

The following example shows identity propagation in a topology with CICS Transaction Gateway in local mode:

Figure 1. Example of identity propagation in a local mode topology

The user security information consists of a distinguished name and a realm name. The distinguished name uniquely identifies an entry within a user registry. The realm name represents a named collection of users and groups that can be used in a specific security context.

When the user has been authenticated in WebSphere Application Server, the security information is passed unchanged as a distributed identity to CICS. The distributed identity is mapped to a RACF user ID, which is used for authorization by CICS.


Information Information

Feedback


Timestamp icon Last updated: Tuesday, 19 November 2013


https://ut-ilnx-r4.hursley.ibm.com/tg_latest/help/topic/com.ibm.cics.tg.doc//ctgunx/idprop_end2end.html