WAS v8.5 > Secure applications > Secure Service integration > Secure service integration > Secure mediations

Configure an alternative mediation identity for a mediation handler

Use this task to configure an alternative mediation identity for a mediation handler

By default, a mediation inherits the identity used by the messaging engine. In some cases, you might want to specify an alternative identity for a mediation handler to use. For example, for a single mediation that sends messages to a destination. To do this, we specify a "run-as" identity for the mediation handler at deployment, and map the mediation handler to an identity other than the default mediation identity using a role name. Follow the steps below to specify an alternative mediation identity:

  1. Package your mediation handler as an EAR file.
  2. Edit the deployment descriptor file to define the roles. For more information, see Configure programmatic logins for Java Authentication and Authorization Service.
  3. Assign users to the role. For more information, see Map users to RunAs roles using an assembly tool and Secure applications during assembly and deployment.
  4. Deploy the mediation handler in WebSphere Application Server, and assign users to the RunAs role. For more information, see Assigning users to RunAs roles. We can confirm the mappings of users to roles, add new users and groups, and modify existing information during this step. For more information, see Deploy secured applications.


Example

Next, you are ready to authorize mediations to access destinations. For more information, see Administer authorization permissions.


Related concepts:

Mediations security
Mediation handlers and mediation handler lists


Related


Configure the bus to access secured mediations


+

Search Tips   |   Advanced Search