Configure identity assertion for Version 5.x web services with an assembly tool
With the identity assertion authentication method, the security token generates a <wsse:UsernameToken> element containing a <wsse:Username> element. On the request sender side, a callback handler is invoked to generate the security token. On the request receiver side, the security token is validated. Trust is established through the use of a security token rather than through user name and password validation.
Subtopics
- Secure web services for Version 5.x applications using identity assertion authentication
With the identity assertion authentication method, the security token generates a <wsse:UsernameToken> element containing a <wsse:Username> element. On the request sender side, a callback handler is invoked to generate the security token. On the request receiver side, the security token is validated. Unlike BasicAuth authentication, trust is established through the use of a security token rather than through user name and password validation.
- Configure the client for identity assertion: specifying the method
We can configure identity assertion authentication. The purpose of identity assertion is to assert the authenticated identity of the originating client from a web service to a downstream web service.
- Configure the client for identity assertion: collecting the authentication method
We can configure identity assertion authentication. The purpose of identity assertion is to assert the authenticated identity of the originating client from a web service to a downstream web service.
- Configure the server to handle identity assertion authentication
The purpose of identity assertion is to assert the authenticated identity of the originating client from a web service to a downstream web service. We can configure identity assertion authentication for the server. Do not attempt to configure identity assertion from a pure client.
- Configure the server to validate identity assertion authentication information
The purpose of identity assertion is to assert the authenticated identity of the originating client from a web service to a downstream Web service.