Distributed: [AIX MacOS Linux Windows]

Configuring TAI on Liberty by using developer tools

You can configure a TAI service for Liberty using developer tools.

Before you begin

For a description of the underlying process of configuring a server, and detailed information about specific aspects of server configuration, see Administering Liberty manually.

Avoid trouble: There are several security configuration examples on the Open Liberty website for reference when configuring security for your applications on Liberty.

Procedure

  1. Select the parent Trust Association Interceptor and enter an ID name.
    In this example, the ID name is myTrustAssociation.
    This is a screen capture of adding a Trust Association Interceptor service.
  2. Select the child Trust Association Interceptor and configure the Class name which is the fully qualified name of your TAI implementation class, then click the arrow next to the Add button and select Global Element to enter the shared library information.
    In this example, the class name is com.ibm.websphere.security.sample.SimpleTAI, and Enable interceptor and Invoke an interceptor before SSO are checked.
    This is a screen capture of adding a Trust Association interceptor.
  3. Enter the ID for the shared library in the popup window and click OK.
    In this example, the ID corresponds to the name of the shared library, simpleTAI.
    This is a screen capture of adding a shared library.
  4. Configure the Name and Description fields for the shared library, then click the arrow next to the Add button and select Child Element to add a fileset reference as a child element.
    This is a screen capture of configuring a shared library child element.
  5. Configure the Fileset. Click Browse in the Base directory field and select the directory where the JAR file is located. Then, click Browse in the Includes pattern field to select your JAR file that contains your TAI implementation.
    In this example, the TAI implementation JAR file is simpleTAI.jar and is located under the ${server.config.dir} directory.
    This is a screen capture of locating the TAI implementation jar file.
  6. Configure Interceptor properties details by clicking Add to add properties for the interceptor.
    In this example, there are two pairs of properties for the interceptor. The hostName is machine1 and the application is test1.
    This is a screen capture of configuring interceptor properties.
  7. Save the configuration. You can find the following configuration saved in the server.xml file. 
    <trustAssociation id="myTrustAssociation" invokeForUnprotectedURI="false" 
                  failOverToAppAuthType="false"> 
    <interceptors id="simpleTAI" enabled="true"  
                  className="com.ibm.websphere.security.sample.SimpleTAI" 
                  invokeBeforeSSO="true" invokeAfterSSO="false" libraryRef="simpleTAI"> 
        <properties hostName="machine1" application="test1"/> 
    </interceptors> 
</trustAssociation> 

<library id="simpleTAI"> 
    <fileset dir="${server.config.dir}" includes="simpleTAI.jar"/> 
</library>