IBM Integration Bus, Version 9.0.0.8 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS

See information about the latest product version

Kerberos-based WS-Security

You can use Kerberos authentication with WS-Security either as a service or as a client.

Kerberos is a network authentication protocol that enables mutual authentication with symmetric keys. Users and services on a network authenticate with each other through a Key Distribution Center (KDC), as a trusted third party. IBM® Integration Bus provides support for Kerberos either as a service or as a client.

You can use message flows to call web services that are secured with Kerberos by using a SOAP Request node. You can also provide web services that are secured with Kerberos by using SOAP Input Nodes. The WS-Security header passes Kerberos tokens. You can sign and encrypt either parts or all of a SOAP message by using Kerberos tokens. Signing and encrypting messages provides message integrity, confidentiality, and authenticity.

For information about Kerberos terminology and concepts, see Concepts for Kerberos security.

You can configure IBM Integration Bus to act as a Kerberos secured service or as a client to a Kerberos secured service. Install a Kerberos KDC and configure it to contain all the principals that are required by the environment, then configure for a service or client. For more information about configuring Kerberos, see your host Kerberos documentation.

For the steps needed to embed IBM Integration Bus as a client, see Configuring IBM Integration Bus as a client to a Kerberos secured Service.
For the steps needed to configure IBM Integration Bus as a secured service, see Configuring IBM Integration Bus as a Kerberos secured Service.
For the steps needed to configure separate Kerberos configuration files for each integration server, see Configuring separate Kerberos configuration files for each integration server.

bc49100_.htm |

Last updated Friday, 21 July 2017

Kerberos-based WS-Security

Subtopics