In Integration Server communication, you can define that user identities are forwarded securely from a sender to a receiver by using the Integration Server. You can define any number of communication routes between the sender and receiver. This is known as principal propagation.
Note
The following description always assumes that there is an integration Server located between the sender and the receiver.
User refers to a entity that can authenticate itself in a system when the security settings are configured appropriately and the necessary authorizations have been granted. Note that the user name can be different in the sender and receiver systems. Principal propagation means that the identity of the user - and not their user name - is forwarded.
You can configure principal propagation on the basis of the following authentication methods:
Authentication assertion ticket
This option is supported by the XI, SOAP, and RC adapters
Security Assertion Markup Language (SAML)
This option is supported by the Web service runtime (Web Service Reliable Messaging).
For more information, see:
Configuring Principal Propagation (Authentication Assertion Ticket)