You can create configurations to set up a trust relationship among domains and/or hosts. In a configuration, you can specify the trust type, the hosts or domains that are trusted, and whether the trust relationship is created for sending or receiving messages.
You can create an identity assertion trust by using the Admin Console or CLI.
In the Admin Console, expand the Configurations node and select a configuration. Expand the Security node, click Trust Configurations and then click New.
Alternatively, you can use the asadmin create-trusted-entity and asadmin create-trust-config commands. See TBDlink for more details about these commands.
You can associate trusted entities (trusted hosts/domains) with a trust configuration, or you can select a Trust Handler so that a custom implementation determines trust.
To edit the properties of the trust configuration, you can use the Admin Console or you can use list, get, and set commands as follows:
To list the trust configurations in a target, use the command: list config-name.security-service.identity-assertion-trust.*
To get the trust configuration attributes, use the command: get config-name.security-service.identity-assertion-trust.trust-config-name.*
For a complete list of trust configuration attributes, see TBDlink.
To list the trusted entities in a trust configuration, use the command: list config-name.security-service.identity-assertion-trust.trust-config-name.*
To edit the properties of the trusted entity, you can use the Admin Console or you can use list, get, and set commands as follows:
To get the trusted entity attributes, use the command: get config-name.security-service.identity-assertion-trust.trust-config-name.trusted-entity.trusted-entity-name.*
To set the trusted entity attributes, use the command: set config-name.security-service.identity-assertion-trust.trust-config-name.trusted-entity.trusted-entity-name.ip-address=121.x.x.x
For a complete list of trusted entity attributes, see TBDlink.
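The following added example (not part of the product documentation) shows one way to review trusted entities after collecting output from the get command above. It assumes the output is saved as lines of the form dotted-name=value and that names contain no dots; the configuration name, trust configuration names, entity names and addresses in the sample are constructed.

```python
import ipaddress
import re

# Dotted-name layout taken from the get/set commands on this page.
# Assumption: config, trust-config and entity names contain no dots.
ENTITY_ATTR = re.compile(
    r"^(?P<config>[^.\s]+)\.security-service\.identity-assertion-trust\."
    r"(?P<trust>[^.]+)\.trusted-entity\.(?P<entity>[^.]+)\."
    r"(?P<attr>[^.=\s]+)\s*=\s*(?P<value>.*)$"
)

# Constructed sample of "asadmin get" output; names and addresses are made up.
SAMPLE_OUTPUT = """\
cluster1-config.security-service.identity-assertion-trust.trust1.trusted-entity.proxy-a.ip-address=192.0.2.10
cluster1-config.security-service.identity-assertion-trust.trust1.trusted-entity.proxy-b.ip-address = 0.0.0.0
cluster1-config.security-service.identity-assertion-trust.trust2.trusted-entity.edge.ip-address=121.x.x.x
"""


def parse_entities(text):
    """Return {(config, trust_config, entity): {attr: value}}."""
    entities = {}
    for line in text.splitlines():
        m = ENTITY_ATTR.match(line.strip())
        if m:
            key = (m["config"], m["trust"], m["entity"])
            entities.setdefault(key, {})[m["attr"]] = m["value"].strip()
    return entities


def review(entities):
    """Return sorted (trust_config, entity, finding) tuples worth a manual look."""
    findings = []
    for (_, trust, entity), attrs in sorted(entities.items()):
        ip = attrs.get("ip-address")
        if ip is None:
            continue  # entity may be identified by something other than an IP
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((trust, entity, f"ip-address {ip!r} is not a literal address"))
            continue
        if addr.is_unspecified:
            findings.append((trust, entity, "ip-address is the unspecified address"))
    return findings


if __name__ == "__main__":
    for trust, entity, finding in review(parse_entities(SAMPLE_OUTPUT)):
        print(f"{trust}/{entity}: {finding}")
```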