Enterprise Identity Mapping identity token connection factory parameters

(iSeries)
Enterprise Identity Mapping identity token connection factory parameters

The following table is a summary of the parameters or custom properties referenced by the Enterprise Identity Mapping (EIM) identity token connection factory. These parameters are necessary when we configure the EIM identity token connection factory.

Parameter description Parameter example Required Initially set by Referenced by
LDAP administrator ID and password cn=administrator Yes LDAP administrator using the iSeries Navigator when configuring LDAP J2C Authentication Data entry
LDAP host name and port mysystem.com and 389 Yes LDAP administrator using the iSeries Navigator LdapHostName and LdapHostPort identity token resource adaptor properties
EIM domain name and parent domain EIM and dc=mysystem,dc=com Yes EIM administrator using the iSeries Navigator when configuring EIM EimDomainName and ParentDomain identity token resource adaptor properties
sourceRegistryName LDAP Yes EIM administrator using the iSeries Navigator when configuring EIM user registries used by applications sourceRegistryName identity token resource adaptor property
Key time out and size 1200 and 512 No WebSphere Application Server administrator using the administrative console KeyTimeoutSeconds and KeySize identity token resource adaptor properties
UseSSL false No WAS administrator using the administrative console UseSSL identity token resource adaptor property
TrustStoreName profile_root/etc/idtokTrustFile.jks No WAS administrator using the administrative console TrustStoreName identity token resource adaptor property
TrustStorePassword tspwd No WAS administrator using the administrative console TrustStorePassword identity token resource adaptor property
KeyStoreName profile_root/etc/idtokKeyFile.jks No WAS administrator using the administrative console KeyStoreName identity token resource adaptor property
KeyStorePassword kspwd No WAS administrator using the administrative console KeyStorePassword identity token resource adaptor property

Identity token files

After applying the required PTFs, all of the files in the table can be found on the server where we have WAS installed.

File Name Directory
idTokenRA.rar /QIBM/ProdData/OS400/security/eim
testIdentityToken.ear /QIBM/ProdData/OS400/security/eim
cfgIdToken.jacl /QIBM/ProdData/OS400/security/eim
eim.jar /QIBM/ProdData/OS400/security/eim
jt400.jar /QIBM/ProdData/HTTP/public/jt400/lib
idTokenRA.JCA15.rar /QIBM/ProdData/OS400/security/eim

Configure the Enterprise Identity Mapping identity token connection factory
Configure Enterprise Identity Mapping

Parameter description	Parameter example	Required	Initially set by	Referenced by
LDAP administrator ID and password	cn=administrator	Yes	LDAP administrator using the iSeries Navigator when configuring LDAP	J2C Authentication Data entry
LDAP host name and port	mysystem.com and 389	Yes	LDAP administrator using the iSeries Navigator	LdapHostName and LdapHostPort identity token resource adaptor properties
EIM domain name and parent domain	EIM and dc=mysystem,dc=com	Yes	EIM administrator using the iSeries Navigator when configuring EIM	EimDomainName and ParentDomain identity token resource adaptor properties
sourceRegistryName	LDAP	Yes	EIM administrator using the iSeries Navigator when configuring EIM user registries used by applications	sourceRegistryName identity token resource adaptor property
Key time out and size	1200 and 512	No	WebSphere Application Server administrator using the administrative console	KeyTimeoutSeconds and KeySize identity token resource adaptor properties
UseSSL	false	No	WAS administrator using the administrative console	UseSSL identity token resource adaptor property
TrustStoreName	profile_root/etc/idtokTrustFile.jks	No	WAS administrator using the administrative console	TrustStoreName identity token resource adaptor property
TrustStorePassword	tspwd	No	WAS administrator using the administrative console	TrustStorePassword identity token resource adaptor property
KeyStoreName	profile_root/etc/idtokKeyFile.jks	No	WAS administrator using the administrative console	KeyStoreName identity token resource adaptor property
KeyStorePassword	kspwd	No	WAS administrator using the administrative console	KeyStorePassword identity token resource adaptor property

File Name	Directory
idTokenRA.rar	/QIBM/ProdData/OS400/security/eim
testIdentityToken.ear	/QIBM/ProdData/OS400/security/eim
cfgIdToken.jacl	/QIBM/ProdData/OS400/security/eim
eim.jar	/QIBM/ProdData/OS400/security/eim
jt400.jar	/QIBM/ProdData/HTTP/public/jt400/lib
idTokenRA.JCA15.rar	/QIBM/ProdData/OS400/security/eim