Versions Compared

Old Version 20

changes.mady.by.user Oliver Wulff

Saved on

compared with

New Version 21

changes.mady.by.user Oliver Wulff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

A Trust Authentication Interceptor (TAI) is a pluggable security component that is installed and configured at the IBM WebSphere Application Cell level. As such, any managed server on the Cell will have this component installed in and activated once defined in the WAS Security configuration.
A TAI implements the WAS specific interface com.ibm.wsspi.security.tai.TrustAssociationInterceptor. The WAS specific API for security layer customization is explained in details at the following:

http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=%2Fcom.ibm.websphere.base.doc%2Finfo%2Faes%2Fae%2Frsec_taisubcreate.htmlImage Removed

The Fediz Plugin for Websphere provides a TAI implementation which leverages the Fediz Core.

...

The file defined in groups.mapping.file must have the following structure:

Code Block
xmlxml
titleroleGroupMapping.xml
borderStylesolid
xml
<?xml version="1.0" encoding="UTF-8"?>
<mapping>
  <samlToJ2EE>
    <claim>User</claim>
    <groups>
      <j2eeGroup>Authenticated</j2eeGroup>
      <j2eeGroup>Users</j2eeGroup>
    </groups>
  </samlToJ2EE>
  <samlToJ2EE>
    <claim>Manager</claim>
      <groups>
        <j2eeGroup>Manager</j2eeGroup>
        <j2eeGroup>Authenticated</j2eeGroup>
      </groups>
  </samlToJ2EE>
  <samlToJ2EE>
    <claim>Admin</claim>
      <groups>
        <j2eeGroup>Admin</j2eeGroup>
        <j2eeGroup>Authenticated</j2eeGroup>
      </groups>
  </samlToJ2EE>
</mapping>

...