Configuring a custom trust association interceptor

How to configure a custom trust association interceptor (TAI).

Before you begin

Before you can configure a custom TAI, you must enable global security after you install the following software:
  1. WebSphere Application Server version 6.1
  2. Tivoli Directory Server version 5.2
  3. Verify that Lightweight Third Party Authentication (LTPA) is configured for use on your server by selecting Security > Secure administration, applications, and infrastructure > Authentication mechanisms . In the Configuration tab on the Authentication mechanisms and expiration page you should see the Password field already filled in.

About this task

To configure a custom TAI, you may want to familiarize yourself with the general TAI information contained in the Trust Associations documentation. You also may want to refer to the Developing a custom trust association interceptor topic for information about the Java class extensions.

The Java archive (JAR) file that contains your custom TAI should be deployed in the application server environment in a location that is accessible by the security portions of the application server runtime. They reside in the app_server_root/lib/ext directory for the application server nodes. You may encounter problems if you try to place your TAI under a shared library for just the application server.

To configure your custom TAI, complete the following steps (for more details, see the "TAI usage" section of IBM WebSphere Developer Technical Journal: Advanced authentication in WebSphere Application Server):

Procedure

  1. Install your TAI JAR file in the app_server_root/lib/ext directory.
  2. From the WebSphere Application Server administrative console, navigate to Security > Secure administration, applications, and infrastructure
  3. Under Authentication, expand Web security and click on Trust association.
  4. On the Configuration tab, under General properties, make sure the Enable trust association box is checked. Then click Apply.
  5. To create the new custom class, navigate to Trust association > Configuration tab (see step 4 above) and under Additional properties, click Interceptors.
  6. Click New and enter the fully qualified class name to your custom TAI class, and click Apply.
  7. If your TAI depends on custom properties, navigate to Trust association > Configuration tab (see step 4 above) and under Additional properties, click Interceptors. Select your Interceptor class name list. In the Configuration tab that opens, click on Custom properties Type the name and value pairs for the properties on which your TAI depends, and click Apply.
  8. Save your configuration, and then restart your server to make your TAI fully operational.



In this information ...


Related concepts

IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 30, 2013 6:03:36 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-base-iseries&topic=tsip_cfgsecuctai
File name: tsip_cfgsecuctai.html