The JAX-RPC web services security implementation has two phases of processing a security token embedded in the WS-Security header.
- Verify the validity of the security token.
This is handled by the Token Consumer and/or JAAS Login Module configured in the deployment descriptor and binding.
- Verify the identity of the security token exist in the configured user registry and then create the WebSphere credentials.
This is enabled via the Caller and it is optional.
Value: name of the JAAS Login Configuration