You can develop a custom TAI as a Liberty feature by implementing the
com.ibm.wsspi.security.tai.TrustAssociationInterceptor interface provided in the
Liberty server and creating a product
extension.
About this task
For a general view of custom TAI, see Developing a custom TAI for Liberty.
For more information
about product extensions, see Liberty: Product extension.
Avoid trouble: If you have multiple TAIs,
you can configure all of them by using either the user feature or
the shared library. Do not mix the two TAI configurations.
Procedure
- Implement the custom TAI. For more information, see Developing a custom TAI for Liberty.
- Convert the implementation class into an OSGi service. You can do the conversion in one of the following ways:
- Convert your custom TAI class into a Declarative Service (DS)
component. For more information, see Declaring your services to OSGi Declarative Services.
- Make sure that you have the TAI initialized as necessary when
your service is activated since the initialize method will not be
called explicitly when implemented as a feature.
- Write a new custom TAI class that is a DS component and delegate
it to your custom TAI class.
- Register the custom TAI class directly in the Service Registry
(SR) by using the OSGi core APIs. For more information, see Working with the OSGi service registry.
- Package the custom TAI as an OSGi bundle and export the
custom TAI service. For information on creating an OSGi bundle, see Creating an OSGi service bundle.
- Create a feature manifest to include the OSGi bundle. For
more information about feature manifest file, see Liberty feature manifest files.
- After the feature is installed into the user product extension
location, configure the server.xml file with
the feature name. For example:
<featureManager>
...
<feature>usr:customTaiSample-1.0</feature>
</featureManager>