Start of change
WebSphere Message Brokers
File: ap04050_
Writer: Stephanie J Strugnell

Concept topic

This build: July 31, 2007 21:34:46

Identity propagation

In an enterprise system many physical identities (such as usernames, certificates etc.) can be used to represent a single logical identity through different parts of the enterprise. Identity propagation ensures that the logical identity is kept throughout the system by mapping between the various physical forms as necessary. For example, a message might enter the system using a certificate and a username token might be required for back-end processing of the message.

Identity mapping is used to convert from the certificate to the username token, and identity propagation ensures that the mapped identity is placed in the correct place for the outbound transport. The broker distinguishes between Session-based and Message-based security.

For more information see Identity mapping and Session-based and message-based connections and security.

Related concepts
Identity
Authentication
Identity mapping
Authorization
Security profiles
Security exception processing
Related tasks
Configuring identity
Configuring authentication
Configuring identity mapping
Configuring a security profile
Configuring authorization
Configuring a message flow for identity propagation
Setting up message flow security
Related reference
mqsicreateconfigurableservice command
mqsideleteconfigurableservice command
mqsichangeproperties command
mqsireportproperties command
MQInput node
HTTPInput node
HTTPRequest node
MQOutput node
Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2007Copyright IBM Corporation 1999, 2007. All Rights Reserved.
This build: July 31, 2007 21:34:46

ap04050_ This topic's URL is:
End of change