Use this page to view a list of configurations for validating security
tokens within incoming messages. Login mappings map an authentication method
to a Java Authentication and Authorization Service (JAAS) login configuration
to validate the security token. Four authentication methods are predefined
in the WebSphere Application Server: BasicAuth, Signature, IDAssertion, and Lightweight Third Party Authentication
(LTPA).
Important distinction between Version 5.x and Version 6.0.x applications
Note: The
information in this article supports version 5.x applications only that are
used with WebSphere Application Server Version 6.0.x. The information does not
apply to version 6.0.x applications.
To view this administrative console page for the cell
level, complete the following steps:
- Click Security > Web services
- Under Additional properties, click Login mappings.
- Click New to create a new login mapping or click an existing configuration
to modify its settings.
To view this administrative console page for the server level, complete
the following steps:
- Click Servers > Application servers > server_name.
- Under Security, click Web services: Default bindings for Web services
security.
- Under Additional properties, click Login mappings.
- Click either New to create a new login mapping configuration or
click the name of an existing configuration.
To view this administrative console page for the application level, complete
the following steps:
- Click Applications > Enterprise applications > application_name.
- Under Related items, click EJB modules or Web modules > URI_name.
- Under Additional properties, click Web services: Server security bindings.
- Click Edit under Request receiver binding.
- Click Login mappings.
If you click
Update runtime, the Web services security run time
is updated with the default binding information, which is contained in the
ws-security.xml file
that was previously saved. After you specify the authentication method, the
Java Authentication and Authorization Service (JAAS) configuration name, and
the Callback Handler Factory class name on this panel, you must complete the
following steps:
- Click Save in the messages section at the top of the administrative
console.
- Click Update runtime. When you click Update runtime, the
configuration changes made to the other Web services also are updated in the
Web services security run time.
Important: If the login mapping configuration is not found on
the application level, the Web services run time searches for the login mapping
configuration on the server level. If the configuration is not found on the
server level, the Web services run time searches the cell.