Performing identity mapping for authorization across servers in different realms
Identity mapping is a one-to-one mapping of a user identity between two servers so that the proper authorization decisions are made by downstream servers. Identity mapping is necessary when the integration of servers is needed, but the user registries are different and not shared between the systems.
Overview
The following topics are covered in this section:
Procedure
- Configure inbound identity mapping For inbound identity mapping, you can write a custom login module and configure WebSphere Application Server to run the login module first within the system login configurations. Consider the following steps when you write your custom login module: Configure inbound identity mapping.
- Configure outbound identity mapping to a different target realm By default, when WAS makes an outbound request from one server to another server in a different security realm, the request is rejected. This topic details alternatives for enabling one server to send outbound requests to a target server in a different realm. For more information, see Configure outbound mapping to a different target realm
Configure inbound identity mapping
Configure outbound mapping to a different target realm
Related tasks
Configure RMI over IIOP