CSIv2 features

The following Common Secure Interoperability V2 (CSIv2) features are available in IBM WebSphere Application Server: SSL client certificate authentication, message layer authentication, and identity assertion.

In WebSphere Application Server, the security attribute propagation feature is also available.

• Secure Sockets Layer client certificate authentication.

  An additional way to authenticate a client to a server using SSL client authentication.

• Message layer authentication.

  Authenticates credential information and sends that information across the network so that a receiving server can interpret it.

• Identity assertion.

  Supports a downstream server in accepting the client identity established on an upstream server, without having to reauthenticate. The downstream server trusts the upstream server.

• Security attribute propagation

  Supports the use of the authorization token to propagate serialized Subject contents and PropagationToken contents with the request. You can propagate these objects using a pure client or a server login that adds custom objects to the Subject. Propagating security attributes prevents downstream logins from having to make UserRegistry calls to look up these attributes.

---

Security attribute propagation

Secure Sockets Layer client certificate authentication
Message layer authentication
Identity assertion
    

 

---