"Kirk Everett" wrote in message
> I have a question about the DefaultIdentityAsserter. I've written my own
> identityasserter to read the user info from a request header and it seems

> be working fine. My question is about the DefaultIdentityAssertion

> I see that it accepts a token of "AU_TYPE for a WebLogic AuthenticatedUser
> used as a token". What does this mean? I can't find any docs anywhere that
> explain what this is. Is it a request header? I was thinking that if it's

> request header, I would just use the default provider rather than writing

> custom one.

AU is an internal authenticated user. This token type is used in server to
server communication
when using iiop. Leave the default identity asserter configured to handle
this token type and then
configure your identity asserter to handle your token types.