Start of change
WebSphere Message Brokers
File: ap04160_
Writer: Stephanie J Strugnell

Task topic

This build: July 31, 2007 21:34:52

Configuring a message flow for identity propagation

Before you start:

Before you can configure a message flow to perform identity propagation, you need to check that an appropriate security profile exists, or create a new security profile. See Configuring a security profile.

To enable a message flow to perform identity propagation:
On the Security tab for each output node, select a security profile that has identity propagation enabled. You can use the Default_Propagation profile or a user-defined profile:
Screen capture of Security tab on the MQOutput Node Properties panel
If the message identity does not contain enough information for identity propagation, you can use either of the following methods to acquire the necessary information:
  • Take the information from the message body. For example, if the message came from MQ with only a username, and the output is an HTTP request node requiring a usernameAndPassword token, the password might be present in the body of the incoming message. For more information, see Configuring identity.
  • Configure an identity mapper (TFIM).
Related concepts
Identity
Authentication
Identity mapping
Authorization
Identity propagation
Security profiles
Security exception processing
Related tasks
Configuring identity
Configuring authentication
Configuring identity mapping
Configuring a security profile
Configuring authorization
Setting up message flow security
Related reference
mqsicreateconfigurableservice command
mqsideleteconfigurableservice command
mqsichangeproperties command
mqsireportproperties command
MQInput node
HTTPInput node
HTTPRequest node
MQOutput node
Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2007Copyright IBM Corporation 1999, 2007. All Rights Reserved.
This build: July 31, 2007 21:34:52

ap04160_ This topic's URL is:
End of change