These steps are required to use either a WebSEAL trust association
interceptor or your own trust association interceptor with a reverse proxy
security server.
About this task
WebSphere Application Server enables you to use multiple trust association
interceptors. The Application Server uses the first interceptor that can handle
the request.
Procedure
- Access the administrative console.
Type http://fully_qualified_host_name:port_number/ibm/console in a Web browser.
Port 9060 is the default port number for accessing the
administrative console. During installation, however, you might have specified
a different port number. Use the appropriate port number.
- Click Security > Global security.
- Under Authentication, click Authentication
mechanisms > LTPA.
- Under Additional properties, click Trust
association.
- Select the Enable trust association option.
- Under Additional properties, click Interceptors. The
default value appears.
- Verify that the appropriate trust association interceptors are
listed. If you need to use a WebSEAL trust association interceptor,
see Configuring single sign-on using the trust association interceptor
or Configuring single sign-on using trust association interceptor ++
. If you are not using WebSEAL and need to use a different
interceptor, complete the following steps:
- Select both the com.ibm.ws.security.web.WebSealTrustAssociationInterceptor and
the com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus class
name and click Delete.
- Click New and specify a trust association interceptor.
Results
Enables trust association.
What to do next
- If you are enabling security, make sure that you complete the remaining
steps for enabling security.
- Save, stop and restart all of the product servers (deployment managers,
nodes and Application Servers) for the changes to take effect.