rrdSecurity.props file
Remote request dispatcher (RRD) supports LTPA and security attribute propagation for Web services security (WS-Security). You can enable token propagation in the was_install/profiles/profileName/properties/rrdSecurity.props file.
The rrdSecurity.props file contains comments to describe the security attributes. The following is the format of the rrdSecurity.props file. The default values are in bold face type.
- LTPAPropagation= ( True | False)
- SecurityAttributePropagation= ( True | False)
- SSLRequired= ( True | False)
The WS-Security runtime inspects the run as (invocation) subject and propagates the security tokens in the subject. The default setting is to only propagate the LTPA tokens.
Custom security tokens can be passed as attributes of the LTPA tokens. The security attribute propagation support uses the same pluggable JAAS login module as the CSIv2 support. The security attribute is not signed or encrypted, therefore, you should not send the attribute in clear text form. You must require SSL to ensure integrity and confidentiality. If SSL is not required, RRD uses the same scheme, such as HTTP or HTTPS, to make the Web services call that the original request used. See Custom security token propagation for more information.
You must also configure the target Web service to validate the LTPA tokens and security attributes.
These links are provided for convenience. Often, the information is not specific to an IBM WAS product, but is useful all or in part for understanding the product. When possible, links are provided to technical papers and Redbooks that supplement the broad coverage of the release documentation with in-depth examinations of particular product areas.
Related concepts
Custom security token propagation
Related tasks
Configure Web services security using JAX-RPC at the platform level
Reference topic