Select the objects and properties that you want to change for the SecurityProfiles configurable service.
To change these properties, you must specify the broker name and -c SecurityProfiles. You must also set the ObjectName to either Default_Propagation or the name of a SecurityProfiles configurable service that you have defined by using the mqsicreateconfigurableservice command. The properties and values are the same for all services.
For SecurityProfiles configurable services, you must stop and start the integration server for a change of property value to take effect.
The SecurityProfiles configurable service is independent of the securitycache component.
Supplied configurable services that are created for each broker | Properties for each configurable service that is defined | Description of properties |
---|---|---|
Default_Propagation |
authentication |
The type of authentication that is performed
on the source identity. Valid values are:
If you are using TFIM V6.1, specify TFIM. If you are using TFIM V6.2, specify WS-Trust V1.3 STS. |
authenticationConfig |
The information that the broker needs to connect to the provider, specific to the provider. It is a provider-specific configuration string. |
|
authorization |
The types of authorization checks that are performed
on the mapped or source identity. Valid values are:
If you are using TFIM V6.1, specify TFIM. If you are using TFIM V6.2, specify WS-Trust V1.3 STS. |
|
authorizationConfig |
How the broker connects to the provider, specific to the provider. It is a provider-specific configuration string. |
|
mapping |
The type of mapping that is performed. Valid
values are:
If you are using TFIM V6.1, specify TFIM. If you are using TFIM V6.2, specify WS-Trust V1.3 STS. |
|
mappingConfig |
How the broker connects to the provider, specific to the provider. It is a provider-specific configuration string. |
|
passwordValue |
How passwords are treated when they enter a message flow. Valid values are:
|
|
propagation |
Indicates whether identity propagation is performed on output and request
nodes. Valid values are:
|
|
rejectBlankpassword |
Indicates whether the security manager internally rejects a user name that has
an empty password token, without passing it to the configured security provider for authentication,
for example an LDAP server. Valid values are:
|