search

OpenLiberty / docs

See Open Liberty documentation on https://openliberty.io/docs/
https://openliberty.io/docs/
Other
12 stars 46 forks source link

disableLtpaCookie for shared library and user feature TAI document #1554

Open utle opened 4 years ago

utle commented 4 years ago

We need document for WLP https://github.com/OpenLiberty/open-liberty/issues/9445

utle commented 4 years ago

I this article https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/twlp_feat_tai.html We need to add the following before the Procedure

The custom TAI as a Liberty feature are supported properties invokeBeforeSSO and invokeAfterSSO. If these two properties are not specify. The custom TAI will be called after single sign-on (SSO) . You can define these properties using the @Component annotation or OSGI manifest file:

Sample of specify the property using the @Component annotation: 

@Component(service = { TrustAssociationInterceptor.class }, immediate = true, configurationPolicy = ConfigurationPolicy.IGNORE, name = "SampleTAI", property = { "service.vendor=IBM", "type=SampleTAI", "id=SampleTAI", "TAIName=SampleTAI", "invokeBeforeSSO:Boolean=true" })
public class SampleTAI implements TrustAssociationInterceptor {
....
}

Sample of specify the property with the OSGI manifest file:

<?xml version="1.0" encoding="UTF-8"?>
  <scr:component xmlns:scr="http://www.osgi.org/xmlns/scr/v1.3.0" name="sampleTAI" configuration-policy="ignore" immediate="true" activate="activate" deactivate="deactivate" modified="modified">
    <property name="service.vendor" type="String" value="IBM"/>
    <property name="type" type="String" value="SampleTAI"/>
    <property name="id" type="String" value="SampleTAI"/>
    <property name="TAIName" type="String" value="SampleTAI"/>
    <property name="invokeBeforeSSO" type="Boolean" value="true"/>
    <service>
    <provide interface="com.ibm.wsspi.security.tai.TrustAssociationInterceptor"/>
    </service>
        <implementation class="com.mycomp.SampleTAI"/>
  </scr:component>
chirp1 commented 4 years ago

I discussed the info in this issue further with Ut. Here is a little more background/clarification:

We have two way to implement custom TAI in Liberty, custom TAI as a shared library, the other is custom TAI as Liberty feature.

The custom TAI as a Liberty feature that has two properties invokeBeforeSSO and invokeAfterSSO. If the invokeBeforeSSO property is specified, the custom TAI as a Liberty feature is called before single sign-on. If the invokeAfterSSO property is specified, the custom TAI as a Liberty feature is called after single sign-on. By default, the custom TAI is called after single sign-on