Use this topic to manually migrate trust associations.
Changes to the product-provided trust association interceptors
HTTP/1.1 Fred (Proxy), 1.1 Sam (Apache/1.1), HTTP/1.1 webseal1:7002, 1.1 webseal2:7001
and the com.ibm.websphere.security.webseal.ignoreProxy property is set to true or yes, the host name Fred, is not used when matching the host names. By default, this property is not set, which implies that any proxy host names and ports that are expected in the VIA header are listed in the host names and the ports properties to satisfy the isTargetInterceptor method.
The previous VIA header information was split onto two lines for illustrative purposes only.
For more information about the com.ibm.websphere.security.webseal.ignoreProxy property, see Configuring single signon using trust association interceptor ++.
Migrating product-provided trust association interceptors
The properties that are located in the webseal.properties and trustedserver.properties files are not migrated from previous versions of WebSphere Application Server. You must migrate the appropriate properties to WebSphere Application Server Version 6.0.x using the trust association panels in the administrative console. For more information, see Configuring trust association interceptors.
Changes to the custom trust association interceptors
If the custom interceptor extends the com.ibm.websphere.security.WebSphereBaseTrustAssociationInterceptor property, implement the following new method to initialize the interceptor:
public int init (java.util.Properties props);
WebSphere Application Server checks the return status before using the trust association implementation. Zero (0) is the default value for indicating that the interceptor is successfully initialized.
The public int init (java.util.Properties props method replaces the public int init (String propsFile) method.
The init(Properties) method accepts a java.util.Properties object, which contains the set of properties that is required to initialize the interceptor. All of the properties set for an interceptor are sent to this method. The interceptor can then use these properties to initialize itself. For example, in the product-provided implementation for the WebSEAL server, this method reads the hosts and ports so that a request coming in can be verified to come from trusted hosts and ports. A return value of Zero (0) implies that the interceptor initialization is successful. Any other value implies that the initialization is not successful and the interceptor is not used.
com.ibm.websphere.security.trustassociation.initPropsFile= app_server_root/properties/myTAI.properties
The previous line of code is split into two lines for illustrative purposes only. Type as one continuous line.
In a Network Deployment installation, where the location of the file name can vary for different nodes, use the variable install_root to refer to the WebSphere Application Server installation directory.
However, it is highly recommended that your implementation be changed to implement the init(Properties) method instead of relying on the init (String propsfile) method.
Migrating custom trust association interceptors
The trust associations from previous versions of WebSphere Application Server are not automatically migrated to WebSphere Application Server Version 6.0.x and later. You can manually migrate these trust associations using the following steps:
In this information ...Related tasks
| IBM Redbooks, demos, education, and more(Index) |