
Trust Method [Settings]

Defines a trust method used to validate the identity of a trusted intermediary asserting an ID on a downstream message. When a trust method is configured, the security token defined by the caller is expected to contain an identity to be asserted.

To view this page in the console, click the following path:

  • Service integration -> Web services -> WS-Security configurations -> v1-inbound-config_name -> [Request consumer] Caller -> caller_name -> [Additional Properties] Trust method.


    Configuration tab

    The Configuration tab shows configuration properties for this object. These property values are preserved even if the runtime environment is stopped then restarted. See the information center task descriptions for information about how to apply configuration changes to the runtime environment.


    General Properties

    Trust any

    If Trust any is selected, this consumer trusts all upstream intermediaries. Select it only if you are certain that all upstream intermediaries are trusted. Selecting Trust any automatically overrides all other attributes of this trust method.

    If you do not select the Trust any check box but specify a value for any other field on this panel, WS-Security identity assertion is enabled.

    Information Value
    Required No
    Data type Boolean

    Name

    The name of the trust method.

    There are two valid predefined names:

    • BasicAuth (for basic authentication).

    • Signature.

    Information Value
    Required No
    Data type String

    Part

    Name of the required integrity or required confidentiality part within the message to be used to validate the intermediary.

    Information Value
    Required No
    Data type drop-down list

    URI

    Specifies the URI of the security token to use to validate the intermediary.

    If you specified BasicAuth or Signature as the trust method, you do not have to specify this option. If you specify a custom token, enter the URI of the QName for the value type.

    Information Value
    Required No
    Data type String

    Local Name

    Local name of the security token to use to validate the intermediary.

    If you enter a value in the Local Name field, define a trusted ID evaluator for the token consumer that is associated with this token.

    WebSphere Application Server has the following predefined local name value types:

    BasicAuth

    http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken

    Signature

    http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3

    • If you enter one of the predefined local name value types, you can leave the URI field blank. For example, to specify "BasicAuth", enter http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken in the Local Name field and do not enter a value in the URI field.

    • If you specify a custom value type for a custom token, specify the local name and the URI of the qualified name (QName) of the value type. For example, you might enter Custom in the Local Name field, and http://www.ibm.com/custom in the URI field.

    Information Value
    Required No
    Data type String
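
    The field rules above can be checked mechanically when reviewing a trust method. The following is an added example, not IBM code: the dictionary keys are hypothetical names for the panel fields (not WebSphere's storage format), and the severity labels are the example's own.

```python
# Added example: review one trust method against the rules described on this panel.
# The dict keys below are hypothetical names for the panel fields, not WebSphere's
# own storage format; the severity labels are this example's own.

PREDEFINED_LOCAL_NAMES = {
    "BasicAuth": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken",
    "Signature": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3",
}
OTHER_FIELDS = ("name", "part", "uri", "local_name")


def review_trust_method(settings):
    """Return a list of (severity, message) findings for one trust method."""
    findings = []
    others_set = [f for f in OTHER_FIELDS if settings.get(f)]

    if settings.get("trust_any"):
        findings.append(("warning", "Trust any: every upstream intermediary is trusted"))
        if others_set:  # Trust any overrides all other attributes
            findings.append(("info", "overridden by Trust any: " + ", ".join(others_set)))
        return findings

    if not others_set:
        return [("info", "no field set: this panel does not enable identity assertion")]

    local_name, uri = settings.get("local_name"), settings.get("uri")
    if local_name:
        findings.append(("info", "Local Name set: define a trusted ID evaluator for the token consumer"))
        if local_name not in PREDEFINED_LOCAL_NAMES.values() and not uri:
            findings.append(("error", "custom value type needs both Local Name and URI"))
    elif uri:
        findings.append(("warning", "URI set without a Local Name: the QName is incomplete"))
    return findings


# Constructed sample settings: the weak choice, a stricter one, and an incomplete custom token.
WEAK = {"trust_any": True, "name": "Signature"}
HARDENED = {"trust_any": False, "name": "Signature",
            "local_name": PREDEFINED_LOCAL_NAMES["Signature"]}
CUSTOM_INCOMPLETE = {"trust_any": False, "local_name": "Custom"}

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED), ("custom", CUSTOM_INCOMPLETE)):
        print(label, review_trust_method(cfg))
```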


    Additional Properties

    Properties

    Properties associated with the trust method.


    Related information:

  • Administrative console buttons

  • Administrative console preference settings