Configuring the server to validate identity assertion authentication information
The purpose of identity assertion is to assert the authenticated identity of the originating client from a web service to a downstream Web service.
About this task
Use this task to configure identity assertion authentication. Do not attempt to configure identity assertion from a pure client.
For the downstream web service to accept the identity of the originating client (user name only), you must supply a special trusted BasicAuth credential that the downstream web service trusts and can authenticate successfully. You must specify the user ID of the special BasicAuth credential in a trusted ID evaluator on the downstream web service configuration. For more information on trusted ID evaluators, see the topic about the trusted ID evaluator. The server side passes the special BasicAuth credential into the trusted ID evaluator, which returns a true or false response that this ID is trusted. After it is trusted, the user name of the client is mapped to the credential, which is used for authorization.
Complete the following steps to validate the identity assertion authentication information: