+

Search Tips   |   Advanced Search

 

Configure a custom trust association interceptor

 

How to configure a custom trust association interceptor (TAI). Before you can configure a custom TAI, enable global security after you install the following software:

  1. WAS version 6.1

  2. Tivoli Directory Server version 5.2

  3. Verify that LTPA is configured for use on your server by selecting Security > Secure administration, applications, and infrastructure > Authentication mechanisms. In the Configuration tab on the Authentication mechanisms and expiration page you should see the Password field already filled in.

 

Overview

To configure a custom TAI, you may want to familiarize yourself with the general TAI information contained in the Trust Associations documentation. You also may want to refer to the Developing a custom trust association interceptor topic for information about the Java class extensions.

The JAR file that contains your custom TAI should be deployed in the appserver environment in a location that is accessible by the security portions of the appserver runtime. They reside in the WASProductDir/plugins directory for the appserver nodes. You may encounter problems if you try to place your TAI under a shared library for just the appserver.

To configure your custom TAI, complete the following steps (for more details, see the "TAI usage" section of IBM WebSphere Developer Technical Journal: Advanced authentication in WAS):

 

Procedure

  1. Install your TAI JAR file in the WASProductDir/plugins directory.

  2. From the console, navigate to Security > Secure administration, applications, and infrastructure

  3. Under Authentication, expand Web security and click on Trust association.

  4. On the Configuration tab, under General properties, make sure the Enable trust association box is checked. Then click Apply.

  5. To create the new custom class, navigate to Trust association > Configuration tab (see step 4 above) and under Additional properties, click Interceptors.

  6. Click New and enter the fully qualified class name to your custom TAI class, and click Apply.

  7. If your TAI depends on custom properties, navigate to Trust association > Configuration tab (see step 4 above) and under Additional properties, click Interceptors. Select your Interceptor class name list. In the Configuration tab that opens, click on Custom properties Type the name and value pairs for the properties on which your TAI depends, and click Apply.

  8. Save the configuration, and then restart your server to make your TAI fully operational.

 

Related concepts


Trust associations

 

Related tasks


Browse all SIP topics
Developing a custom trust association interceptor
Configure security for the SIP container