Caller settings

Use this page to configure the caller settings. The caller specifies the token or message part that is used for authentication.

You can configure the caller settings for message parts when you are editing a default cell or server binding. You can also configure custom bindings for tokens and message parts that are required by the policy set.

To view this administrative console page when you are editing a default cell binding, complete the following actions:
  1. Click Services > Policy sets > Default policy set bindings.
  2. Click the WS-Security policy in the Policies table.
  3. Click the Authentication and protection link in the Main message security policy bindings section.
  4. Click the Caller link in the Main message security policy bindings section.
  5. Click New.
To view this administrative console page when you are configuring custom bindings for tokens and message parts that are required by the policy set, complete the following actions:
  1. Click Applications > Websphere enterprise applications .
  2. Select an application that contains Web services. The application must contain a service provider or a service client.
  3. Click the Service provider policy sets and bindings link in the Web Services Properties section. The caller settings are available only for the service provider policy sets and bindings. The caller settings are not available for service client policy sets and bindings.
  4. Select a binding. You must have previously attached a policy set and assigned a custom binding.
  5. Click the WS-Security policy in the Policies table.
  6. Click the Caller link in the Main message security policy bindings section.
  7. Click New.

這個管理主控台畫面只適用於 Java™ API for XML Web Service (JAX-WS) Web 服務。

Name

Specifies the name of the caller to use for authentication. Enter a caller name in this required field. This arbitrary name identifies this caller setting.

Order

Specifies the order of preference for the callers. The order determines which caller will be utilized when multiple authentication tokens are received.

You can change the order of preference by moving a caller up or down in the list. Click the checkbox next to a caller name to select the caller, then click the Move up button to move the caller higher in the list, or click the Move down button to move the caller to a lower position in the preference order.

Button Resulting Action
Move up Moves the order of the selected caller up in the caller list.
Move down Moves the order of the selected caller down in the caller list.
適用於轉換使用者: The order column displays only for bindings using the new namespace. If a binding with multiple callers was migrated to the new namespace, then the callers do not have an order. In that case, Not configured is displayed in the order column. Use the Move up and Move down buttons to assign orders to the callers. Callers must have orders assigned before you save the bindings or use the bindings with an application.trns
Caller identity local part

Specifies the local name of the caller to use for authentication. Enter a caller identity local name in this required field.

When specifying an LTPA caller, use LTPA as the local name for a caller that uses an older binding, prior to IBM® WebSphere® Application Server, Version 7.0. Newer bindings for IBM WebSphere Application Server, Version 7.0 and later should use LTPAv2 as the local name. Specifying LTPAv2 allows both LTPA and LTPAv2 tokens to be consumed, unless the Enforce token version option is selected on the token consumer.

Caller identity URI

Specifies the uniform resource identifier (URI) of the caller to use for authentication. Enter a caller URI in this field.

When specifying an LTPA caller, use http://www.ibm.com/websphere/appserver/tokentype/5.0.2 as the URI for a caller that uses an older binding, prior to IBM WebSphere Application Server, Version 7.0. Newer bindings for IBM WebSphere Application Server, Version 7.0 and later should use the http://www.ibm.com/websphere/appserver/tokentype URI.

Use identity assertion

Specifies whether identity assertion is used when authenticating. Select this check box if you want to use identity assertion. Select this box to enable the Trusted identity local name and Trusted identity URI fields.

Trusted identity local name

Specifies the trusted identity local name when the identity assertion is used. Enter a trusted identity local name in this entry field when the identity assertion is used.

Trusted identity URI

Specifies the trusted identity uniform resource identifier (URI). Enter a URI in this entry field when the identity assertion is used.

Signing part reference

When the trusted identity is based on a signing token, select the signing part reference that represents the message parts signed by that token.

Callback handler

Specifies the class name of the callback handler. Enter the class name of the callback handler in this field.

JAAS login

Specifies the Java Authentication and Authorization Service (JAAS) application login. You can enter a JAAS login, select one from the menu, or click New to add a new one.

Custom properties – Name

Specifies the name of the custom property.

Custom properties are not initially displayed in this column. Select one of the following actions for custom properties:

Button Resulting Action
New Creates a new custom property entry. To add a custom property, enter the name and value.
Edit Specifies that you can edit the custom property value. At least one custom property must exist before this option is displayed.
Delete Removes the selected custom property.
Custom properties – Value

Specifies the value of the custom property that you want to use. Use the Value field to add, edit, or delete the value for a custom property.




標示(線上)的鏈結表示需要存取網際網路。

Related tasks
Related reference


檔名: uwbs_wsspsbcald.html