Before you begin
Changes to the product-provided trust association interceptors
HTTP/1.1 Fred (Proxy), 1.1 Sam (Apache/1.1),
HTTP/1.1 webseal1:7002, 1.1 webseal2:7001
Migrating product-provided trust association interceptors
The properties located in the webseal.properties and trustedserver.properties files are not migrated from previous versions of the WebSphere Application Server. You must migrate the appropriate properties to WebSphere Application Server Version 6 using the trust association panels in the administrative console. For more information, see Configuring trust association interceptors.Changes to the custom trust association interceptors
If the custom interceptor extends, com.ibm.websphere.security.WebSphereBaseTrustAssociationInterceptor, then implement the following new method to initialize the interceptor:
public int init (java.util.Properties props);
WebSphere Application Server checks the return status before using the Trust Association implementation. Zero (0) is the default value for indicating the interceptor was successfully initialized.
The public int init (java.util.Properties props); method replaces the public int init (String propsFile) method.
The init(Properties) method accepts a java.util.Properties object which contains the set of properties required to initialize the interceptor. All the properties set for an interceptor (by using the Custom Properties link for that interceptor or using scripting) will be sent to this method. The interceptor can then use these properties to initialize itself. For example, in the product provided implementation for the WebSEAL server, this method reads the hosts and ports so that a request coming in can be verified to come from trusted hosts and ports. A return value of 0 implies that the interceptor initialization is successful. Any other value implies that the initialization was not successful and the interceptor will not be used.
All the properties set for an interceptor (by using the Custom Properties link in the administrative console for that interceptor or using scripting) is sent to this method. The interceptor can then use these properties to initialize itself. For example, in the product-provided implementation for the WebSEAL server, this method reads the hosts and ports so that an incoming request can be verified to come from trusted hosts and ports. A return value of 0 implies that the interceptor initialization is successful. Any other value implies that the initialization was not successful and the interceptor is ignored.
com.ibm.websphere.security.trustassociation.initPropsFile=
C:/WebSphere/AppServer/properties/myTAI.properties
The previous line of code was split into two lines due to the width of the screen. Type as one continuous line.
In Network Deployment, where the location of the file name can vary for different nodes, use the variable ${USER_INSTALL_ROOT} to refer to the WebSphere Application Server installation directory.
However, it is highly recommended that your implementation be changed to implement the init(Properties) method instead of relying on init (String propsfile) method.
Migrating custom trust association interceptors
The trust associations from previous versions of WebSphere Application Server are not automatically migrated to WebSphere Application Server Version 6.0.x. Users can manually migrate these trust associations using the following steps:
Steps for this task
For more information, refer to the "Changes to the custom trust association interceptors" section previously discussed in this document.
%WAS_HOME%/java/bin/javac -classpath %WAS_HOME%/lib/wssec.jar;
%WAS_HOME%/lib/j2ee.jar <your implementation file>.java
In Network Deployment, you must copy this class file into the class path of each node and cell.
Related tasks
Configuring trust association interceptors