bp28366_.htm |
Last updated Friday, 21 July 2017For Web services, you can complete authentication and authorization using an LTPA token.
The LTPA token Authentication and Authorization are supported only in the following configuration:
Capability
Configured with a security policy set and binding that defines that an LTPA token is present for authentication; see Authentication. The broker provides only LTPA pass-through support, which means that the LTPA token is extracted and passed to an external security token service (STS) for validation. The STS to be used is specified in a security profile. The STS processing can be used to implement authentication and authorization based on the LTPA principal and realm.
Configured with a security profile defining the Policy Decision Point (PDP); see the PDP section that follows.
Configured by using a WS-Trust v1.3 STS security profile specifying authentication, authorization or both; see Creating a security profile for WS-Trust V1.3 (TFIM V6.2).
Last updated Friday, 21 July 2017