Table of Contents
Advertisement
Chapter 78. TFIM configuration mode
This chapter provides an alphabetic listing of commands that are available in TFIM
configuration mode. TFIM is the abbreviation for IBM Tivoli Federated Identity
Manager.
To enter this configuration mode, use the Global tfim command.
The DataPower appliance integrates with TFIM through the exchange of WS-Trust
SOAP messages. The TFIM management object centralizes the configuration of the
TFIM endpoint and prevents parameter duplication between the Map Credential
and the Post Processing phases in AAA. During the Map Credential phase, an
authenticated identity can be mapped to the identity used for authorization.
During the Post Processing phase, an authorized identity can be mapped to the
output AAA identity.
When integrating with TFIM, the provided input credentials must be able to be
expressed in the request token format that is configured for the TFIM endpoint.
For example, a WS-Security Username TokenType that is to be used as the request
token cannot be created when the available user credential is an X.509 certificate.
All of the commands that are listed in "Common commands" on page 2 and most,
but not all, of the commands that are listed in Chapter 114, "Monitoring
commands," on page 949 are also available in TAM configuration mode.
tfim-60-req-tokenformat
Specifies the format of the TFIM 6.0 request token.
Syntax
tfim-60-req-tokenformat format
Parameters
format Specifies the format of the token. Only the following values are supported:
Guidelines
The tfim-60-req-tokenformat command is required when tfim-compatible is v6.0;
otherwise, it is ignored.
© Copyright IBM Corp. 1999, 2008
Custom
Indicates a custom token. When specified, requires the use of the
tfim-custom-req-url command
SAML1.0
Indicates a SAML Assertion 1.0
SAML1.1
Indicates a SAML Assertion 1.1
WSUserNameToken
(Default) Indicates a WS-Security Username Token
661
Advertisement
Table of Contents
