Set trust association using scripting
Use wsadmin to configure trust association configurations in a multiple security domain environment. Trust association enables the integration of the WAS security and third-party security servers. More specifically, a reverse proxy server can act as a front-end authentication server while WAS applies its own authorization policy onto the resulting credentials that are passed by the proxy server.
You must meet the following requirements before configuring a trust association:
- You must have the administrator or new admin role.
- Enable global security in the environment.
- Set multiple realms using security domains in the environment.
Use wsadmin with Jython to run...
### 1. Create a trust association for the myDomain security domain
### 2. Configure the trust association to act as a reverse proxy server
AdminTask.configureTrustAssociation('-securityDomainName myDomain -enable true')
### Modify an existing interceptor.
AdminTask.configureInterceptor('[-interceptor com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus -securityDomainName testDomain -customProperties ["com.ibm.websphere.security.trustassociation.types=webseal", "com.ibm.websphere.security.webseal.loginId=websealLoginID","com.ibm.websphere.security.webseal.id=iv-user"]]')
### Save the configuration changes
AdminConfig.save()
Related tasks
Set single sign-on using trust association
Trust associations
Set security domains using scripting
Mapping resources to security domains using scripting
Remove resources from security domains using scripting
Remove security domains using scripting
Related
SecurityConfigurationCommands