Operating Systems: i5/OS
             Personalize the table of contents and search results

 

Configure a custom trust association interceptor

 

How to configure a custom trust association interceptor (TAI). Before you can configure a custom TAI, enable global security after you install the following software:

  1. WebSphere Application Server version 6.1

  2. Tivoli Directory Server version 5.2

  3. Verify that Lightweight Third Party Authentication (LTPA) is configured for use on your server by selecting Security > Secure administration, applications, and infrastructure > Authentication mechanisms. In the Configuration tab on the Authentication mechanisms and expiration page you should see the Password field already filled in.

 

Overview

To configure a custom TAI, you may want to familiarize yourself with the general TAI information contained in the Trust Associations documentation. You also may want to refer to the Developing a custom trust association interceptor topic for information about the Java class extensions.

The JAR file that contains your custom TAI should be deployed in the application server environment in a location that is accessible by the security portions of the application server runtime. They reside in the WASProductDir/plugins directory for the application server nodes. You may encounter problems if you try to place your TAI under a shared library for just the application server.

To configure your custom TAI, complete the following steps (for more details, see the "TAI usage" section of IBM WebSphere Developer Technical Journal: Advanced authentication in WebSphere Application Server):

 

Procedure

  1. Install your TAI JAR file in the WASProductDir/plugins directory.

  2. From the WebSphere Application Server administrative console, navigate to Security > Secure administration, applications, and infrastructure

  3. Under Authentication, expand Web security and click on Trust association.

  4. On the Configuration tab, under General properties, make sure the Enable trust association box is checked. Then click Apply.

  5. To create the new custom class, navigate to Trust association > Configuration tab (see step 4 above) and under Additional properties, click Interceptors.

  6. Click New and enter the fully qualified class name to your custom TAI class, and click Apply.

  7. If your TAI depends on custom properties, navigate to Trust association > Configuration tab (see step 4 above) and under Additional properties, click Interceptors. Select your Interceptor class name list. In the Configuration tab that opens, click on Custom properties Type the name and value pairs for the properties on which your TAI depends, and click Apply.

  8. Save your configuration, and then restart your server to make your TAI fully operational.



}

 

Related concepts


Trust associations

 

Related tasks


Browse all SIP topics
Developing a custom trust association interceptor
Configuring security for the SIP container