+

Search Tips   |   Advanced Search

rrdSecurity.props file

Remote request dispatcher (RRD) supports LTPA and security attribute propagation for Web Services Security (WS-Security). We can enable token propagation in the <was_install>/profiles/<profileName>/properties/rrdSecurity.props file.

The rrdSecurity.props file contains comments to describe the security attributes.

The following is the format of the rrdSecurity.props file. The default values are in bold face type.

The WS-Security run time inspects the run as (invocation) subject and propagates the security tokens in the subject. The default setting is to only propagate the LTPA tokens.

Custom security tokens can be passed as attributes of the LTPA tokens. The security attribute propagation support uses the same pluggable JAAS login module as the CSIv2 support. The security attribute is not signed or encrypted, therefore, we should not send the attribute in clear text form. We must require SSL to ensure integrity and confidentiality. If SSL is not required, RRD uses the same scheme, such as HTTP or HTTPS, to make the web services call that the original request used.

We must also configure the target web service to validate the LTPA tokens and security attributes.


Related:

  • Web Services Security token propagation