ap04130_.htm |
Last updated Friday, 21 July 2017Configure a security token server (STS), such as Tivoli® Federated Identity Manager (TFIM) V6.2, to map the incoming security token and, if required, to authenticate and authorize it.
Before you start:
Before you can configure a message flow to perform identity mapping, you need to check that an appropriate security profile exists, or create a new security profile. For information about security profiles, see Creating a security profile.
IBM Integration Bus provides support for identity mapping (also known as identity federation) and token issuance and exchange. Identity mapping is the process of mapping an identity in one realm to another identity in a different realm. For example, you might map User001 from the eSellers realm to eSellerUser01 in the eShipping realm. Token issuance and exchange involves the mapping of a token of one type to a token of a different type. For example, an incoming Username and Password token from a client over MQ might be mapped into an equivalent SAML assertion, to be propagated to a Web Services call. Alternatively, you might exchange a SAML 1.1 assertion from a client application for an equivalent SAML 2.0 assertion for an updated backend server.
Last updated Friday, 21 July 2017