You can configure a message flow to perform identity authentication by using Tivoli® Federated Identity Manager (TFIM) V6.1.
Before you can configure a message flow to perform identity authentication, you need to check that an appropriate security profile exists, or create a new security profile. See Creating a security profile for TFIM V6.1.
For more information about these parameters, see Authentication, mapping, and authorization with TFIM V6.1 and TAM.
For further information about
how to configure TFIM, see the IBM Tivoli Federated
Identity Manager product documentation online.
Steps for enabling TFIM authentication:
For a SOAPInput node to use the identity in the WS-Security header (rather than an underlying transport identity) an appropriate policy set and bindings must also be defined and specified. For more information, see Policy sets.
If the message identity does not contain enough information for authentication, the information must be taken from the message body. For example, if a password is required for authentication but the message came from WebSphere® MQ with only a username, the password information must be taken from the message body. For more information, see Configuring the extraction of an identity or security token.