Follow these steps to configure the security provider used to support the Identity header:

1. Log in to the Administration Console for the Converged Application Server domain you want to configure.

2. In the left pane of the Console, select the Security Realms node.

3. Select the name of your security realm from the Realms table in the right pane of the Console.

4. Select the Providers tab, and then select the Authentication subtab in the right pane.

5. Click New in the Authentication Providers table.

6. Enter a name for the new provider, and select IdentityHeaderAsserter for the Type.

7. Click OK.

8. Select the name of the provider you just created in the Authentication Providers table.

9. Select the Configuration tab and then select the Provider Specific subtab.

10. Fill in the fields of the Provider Specific subtab as follows:

    • Date Period: Enter the valid period for Date header, in seconds.

    • Https Channel Name: Enter the name of an HTTPS channel the provider should use to initialize an HTTPS client. An HTTPS channel is required (and must be configured separately) if a remote certificate must be retrieved via HTTPS.

    • User Name Mapper Class Name (optional): Enter the name of a custom Java class used to map user names in the Identity header to user names in the default security realm. A custom user name mapper class is required if you want to map usernames in the Identity header to WebLogic usernames. See Securing Oracle WebLogic Server in the Oracle WebLogic Server documentation for more information.

11. Click Save.

12. Restart the server.