Configure WebSEAL to use the attribute retrieval service
Perform the following tasks to configure WebSEAL to use the attribute retrieval service.
- In the WebSEAL configuration file, specify the identification name (ID) of the attribute retrieval service that is queried when missing ADI is detected during a rules evaluation. In this case, the attribute retrieval service is specified:
[aznapi-configuration]
dynamic-adi-entitlement-services = AMWebARS_A- In the WebSEAL configuration file, use the service ID for the configured attribute retrieval service as a parameter to specify the appropriate built-in library that formats outbound ADI requests and interprets incoming responses:
For example:
[aznapi-entitlement-services]
AMWebARS_A = azn_ent_amwebars- In the WebSEAL configuration file, specify the URL to the attribute retrieval service located in the WebSphere environment.
For a TCP connection:
[amwebars]
service-url = http://websphere_hostname:websphere_port /amwebars/amwebars/ServiceToIServicePortAdapter
Parent topic: Authorization decision information retrieval
Related concepts
- Overview of ADI retrieval
- ADI retrieval from the WebSEAL client request
- ADI retrieval from the user credential
- Dynamic ADI retrieval
Related tasks