Configuring Credential Mapping policyset to retrieve credentials from Identity Provider (keystore)
Article ID: KB0090467
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix Service Grid | - |
| Not Applicable | - |
Description
Resolution:
Description:
==========
Credential Mapping policies could be configured to retrieve credentials from Identity Provider instead of using fixed credentials from the policyset file.
Resolution:
=========
1). Create a keystore following the instructions in TIBCO ActiveMatrix Service Grid Composite Development > Resource Templates > Security Resource Templates > Keystore Provider > Keystores > Creating a Keystore Containing a Username and Password. When creating the keystore specify the username and password that you want to use in Credential Mapping policy.
2). Create a Keystore Provider Resource Template based on the keystore created in Step 1.
3). Create an Identity Provider Resource Template based on the Keystore Provider created in Step 2. Check the ‘Enable Access to Credential Store Containing Identity’ checkbox.
4). Install the Identity Provider Resource Instance to the node where the application with the Credential Mapping policy is going to be deployed.
5). When creating the Credential Mapping policy in Business Studio use the attached sample as reference (Filename: keystoreID_credentialMapping_usernameToken) . Note that if the property value in the policyset file is different from the Identity Provider Resource Instance name it may be updated in Admin UI before deploying the DAA.
Description:
==========
Credential Mapping policies could be configured to retrieve credentials from Identity Provider instead of using fixed credentials from the policyset file.
Resolution:
=========
1). Create a keystore following the instructions in TIBCO ActiveMatrix Service Grid Composite Development > Resource Templates > Security Resource Templates > Keystore Provider > Keystores > Creating a Keystore Containing a Username and Password. When creating the keystore specify the username and password that you want to use in Credential Mapping policy.
2). Create a Keystore Provider Resource Template based on the keystore created in Step 1.
3). Create an Identity Provider Resource Template based on the Keystore Provider created in Step 2. Check the ‘Enable Access to Credential Store Containing Identity’ checkbox.
4). Install the Identity Provider Resource Instance to the node where the application with the Credential Mapping policy is going to be deployed.
5). When creating the Credential Mapping policy in Business Studio use the attached sample as reference (Filename: keystoreID_credentialMapping_usernameToken) . Note that if the property value in the policyset file is different from the Identity Provider Resource Instance name it may be updated in Admin UI before deploying the DAA.
Issue/Introduction
Configuring Credential Mapping policyset to retrieve credentials from Identity Provider (keystore)
Attachments
Feedback
Yes
No
Powered by
