Implement tokens for security attribute propagation

As part of an extensible architecture, WebSphere Application Server enables you to implement our own tokens in which to propagate security attributes.

The following topics are covered in this section:

• Implement a custom propagation token

• Implement a custom authorization token

• Implement a custom a single sign-on token

• Implement a custom authentication token

• Propagating a custom Java serializable object

Subtopics

• Implement a custom propagation token for security attribute propagation
  This topic explains how you might create our own propagation token implementation, which is set on the running thread and propagated downstream.

• Implement a custom authorization token for security attribute propagation
  This task explains how you might create our own AuthorizationToken implementation, which is set in the login Subject and propagated downstream.

• Implement a custom single sign-on token for security attribute propagation
  We can create our own single sign-on token implementation. The single sign-on token implementation is set in the login Subject and added to the HTTP response as an HTTP cookie.

• Implement a custom authentication token for security attribute propagation
  This topic explains how you might create our own authentication token implementation, which is set in the login Subject and propagated downstream.

• Propagating a custom Java serializable object for security attribute propagation
  This document describes how to add an object into the Subject from a login module and describes other infrastructure considerations to verify the Java object gets propagated.

Related tasks

Develop extensions to the WebSphere security infrastructure