Set trusted ID evaluators on the server or cell level
Configure trusted identity (ID) evaluators. The trusted ID evaluator determines whether or not to trust the identity-asserting authority.
This task provides the steps that are needed to configure trusted identity (ID) evaluators. The trusted ID evaluator determines whether to trust the identity-asserting authority. After the ID is trusted, the WAS issues the proper credentials based on the identity, which are used in a downstream call to another server for invoking resources. The trusted ID evaluator implements the com.ibm.wsspi.wssecurity.id.TrustedIDEvaluator interface.
To access default bindings for the server level.
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-WS
Servers | Server Types | WebSphere application servers | server_name | Security | JAX-RPCTo access the default bindings on the cell level...
Security | Web services
Go to...
Additional properties | Trusted ID evaluators
The Trusted ID evaluator name is used by applications to bind to the web service. The default class name is...
com.ibm.wsspi.wssecurity.id.TrustedIDEvaluatorImpl
...which implements class...
com.ibm.wsspi.wssecurity.id.TrustedIDEvaluator
Specify name and value properties to create the trusted ID list for evaluation.
Under Additional properties, click...
Properties | New
...and specify the trusted ID evaluator name as a property name. Specify the trusted ID evaluator name in the form, trustedId_n, where _n is an integer from zero (0) to n.
Specify the trusted ID as a property value.
property name="trustedId_0", value="CN=Bob,O=ACME,C=US" property name="trustedId_1, value="user1"
If a distinguished name (DN) is used, the space is removed for comparison.
Trusted ID evaluator collection
Trusted ID evaluator settings
Set WS-Security using JAX-RPC at the platform level