Login mappings collection

Use this page to view a list of configurations for validating security tokens within incoming messages. Login mappings map an authentication method to a JAAS login configuration to validate the security token. Four authentication methods are predefined in the WAS: BasicAuth, Signature, IDAssertion, and Lightweight Third Party authentication (LTPA)

To view this administrative console page, complete the following steps:

  1. Click Server > Application Servers > server.

  2. Under Additional Properties, click Web Services: Default bindings for Web Services Security > Login Mappings.

  3. Click New to create a login mapping or click Delete to delete a login mapping.

If you click Update runtime, the Web services security run time is updated with the default binding information, which is contained in the ws-security.xml file that was previously saved. After you specify the authentication method, the JAAS configuration name, and the Callback Handler Factory class name on this panel, complete the following steps...

Click Save at the top of the administrative console. When you click Save, you return to the administrative console home panel.

Return to the Login Mappings collection panel and click Update runtime. When you click Update runtime, the configuration changes made to the other Web services also are updated in the Web services security run time.

Authentication Method Specifies the authentication method used for validating the security tokens.

The following authentication methods are available...

BasicAuth The basic authentication method includes both a user name and a password in the security token. The information in the token is authenticated by the receiving server and used to create a credential.

Signature The signature authentication method sends an X.509 certificate as a security token. For LDAP registries, the distinguished name (DN) is mapped to a credential, which is based on the LDAP certificate filter settings. For local OS registries, the first attribute of the certificate, usually the common name (CN) is mapped directly to a user ID in the registry.

IDAssertion The identity assertion method maps a trusted identity (ID) to a WebSphere Application Server credential. This authentication method only includes a user name in the security token. An additional token is included in the message for trust purposes. When the additional token is trusted, the IDAssertion token user name is mapped to a credential.

LTPA Lightweight Third Party Authentication (LTPA) validates an LTPA token.

JAAS Configuration Name Name of the Java Authentication and Authorization Service (JAAS) configuration.

Callback Handler Factory Class Name Name of the factory for the CallbackHandler class.


See Also

BasicAuth authentication method
Identity assertion authentication method
Signature authentication method
Lightweight Third Party Authentication
Login mapping configuration settings