Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure Service integration > Secure service integration > Secure mediations
Configure an alternative mediation identity for a mediation handler
Use this task to configure an alternative mediation identity for a mediation handler By default, a mediation inherits the identity used by the messaging engine. In some cases, you might want to specify an alternative identity for a mediation handler to use. For example, for a single mediation that sends messages to a destination.
To do this, you specify a "run-as" identity for the mediation handler at deployment, and map the mediation handler to an identity other than the default mediation identity by using a role name. Follow the steps below to specify an alternative mediation identity:
Procedure
- Package your mediation handler as an EAR file.
- Edit the deployment descriptor file to define the roles. See Configure programmatic logins for JAAS.
- Assign users to the role. See Map users to RunAs roles using an assembly tool and Secure applications during assembly and deployment.
- Deploy the mediation handler in WAS, and assign users to the RunAs role. See Assign users to RunAs roles. We can confirm the mappings of users to roles, add new users and groups, and modify existing information during this step. See Deploy secured applications.
Example
What to do next
Next, you are ready to authorize mediations to access destinations. See Administer authorization permissions.
Mediations security
Mediation handlers and mediation handler lists
Configure the bus to access secured mediations