Security token
A security token represents a set of claims made by a client. These claims might include:
- name
- password
- identity
- key
- certificate
- group
- privilege
- business certification
- etc.
WS-Security associates security tokens with messages.
WS-Security supports multiple security token formats.
Security token profiles include...
A security token is embedded in the SOAP message within the SOAP header. The security token within the SOAP header is propagated from the message sender to the intended message receiver. On the receiving side, the WAS Web Services security handler authenticates the security token and sets up the caller identity on the running thread.
WAS contains an enhanced security token that has the following features:
- The client can send multiple tokens to downstream servers.
- The receiver can determine which security token to use for authorization based upon the type or signed part for X.509 tokens.
- A custom token or derived key token can be used for digital signing or encryption.
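The following added example (not WAS code, and not from the original page) shows where tokens sit in a SOAP header and how a receiver can choose one by type when a sender supplies several. The sample envelope, the function names and the "exactly one token of the required type" rule are assumptions for illustration; the code only extracts tokens and does not authenticate them.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
X509V3 = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"

# Constructed sample message: one Security header carrying two tokens.
SAMPLE = f"""<soap:Envelope xmlns:soap="{SOAP}" xmlns:wsse="{WSSE}">
  <soap:Header>
    <wsse:Security soap:mustUnderstand="1">
      <wsse:UsernameToken>
        <wsse:Username>alice</wsse:Username>
        <wsse:Password>example-only</wsse:Password>
      </wsse:UsernameToken>
      <wsse:BinarySecurityToken ValueType="{X509V3}">Q09OU1RSVUNURUQ=</wsse:BinarySecurityToken>
    </wsse:Security>
  </soap:Header>
  <soap:Body/>
</soap:Envelope>"""

def list_tokens(envelope: str) -> list[dict]:
    """Return the tokens found in the wsse:Security header, in document order."""
    if "<!DOCTYPE" in envelope:  # SOAP messages must not carry a DTD
        raise ValueError("DTD not allowed in SOAP message")
    root = ET.fromstring(envelope)
    security = root.find(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    if security is None:
        return []
    tokens = []
    for child in security:
        if child.tag == f"{{{WSSE}}}UsernameToken":
            name = child.findtext(f"{{{WSSE}}}Username", default="")
            tokens.append({"type": "UsernameToken", "subject": name})
        elif child.tag == f"{{{WSSE}}}BinarySecurityToken":
            # Binary tokens are identified by ValueType; decoding is not shown.
            tokens.append({"type": child.get("ValueType", ""), "subject": None})
    return tokens

def select_caller_token(tokens: list[dict], required_type: str) -> dict:
    """Pick the single token of the configured type; refuse missing or ambiguous."""
    matches = [t for t in tokens if t["type"] == required_type]
    if len(matches) != 1:
        raise ValueError(f"expected exactly one {required_type} token, found {len(matches)}")
    return matches[0]

if __name__ == "__main__":
    found = list_tokens(SAMPLE)
    print(found)
    print(select_caller_token(found, "UsernameToken"))
```

Refusing zero or multiple matches keeps the receiver from silently falling back to whichever token happens to appear first in the header.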
 
Related concepts
Username token
Binary security token
XML token
Web services
WS-Security provides message integrity, confidentiality, and authentication