Username token capabilities for identity mapping
For web services, you can map an identity by using a username token.
Identity mapping from a username identity token to a mapped username identity token is supported only in the following configurations:
Capability
- Identity mapping
- In (provider)
Configured with a security policy and binding that defines that a username taken is present. You can use the default policy and binding WSS10Default; see Default policy set and bindings.
Configured with a security profile defining the external Policy Decision Point (PDP); see the PDP section that follows.
- WS-Trust v1.3 STS
Configured by using a WS-Trust v1.3 STS security profile that specifies identity mapping; see Creating a security profile for WS-Trust V1.3 (TFIM V6.2).
- TFIM V6.1
Configured by using a TFIM security profile that specifies identity mapping; see Creating a security profile for TFIM V6.1.