Open utle opened 4 years ago
I this article https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.ibm.websphere.wlp.doc/ae/twlp_feat_tai.html We need to add the following before the Procedure
The custom TAI as a Liberty feature are supported properties invokeBeforeSSO and invokeAfterSSO. If these two properties are not specify. The custom TAI will be called after single sign-on (SSO) . You can define these properties using the @Component
annotation or OSGI manifest file:
Sample of specify the property using the @Component annotation:
@Component(service = { TrustAssociationInterceptor.class }, immediate = true, configurationPolicy = ConfigurationPolicy.IGNORE, name = "SampleTAI", property = { "service.vendor=IBM", "type=SampleTAI", "id=SampleTAI", "TAIName=SampleTAI", "invokeBeforeSSO:Boolean=true" })
public class SampleTAI implements TrustAssociationInterceptor {
....
}
Sample of specify the property with the OSGI manifest file:
<?xml version="1.0" encoding="UTF-8"?>
<scr:component xmlns:scr="http://www.osgi.org/xmlns/scr/v1.3.0" name="sampleTAI" configuration-policy="ignore" immediate="true" activate="activate" deactivate="deactivate" modified="modified">
<property name="service.vendor" type="String" value="IBM"/>
<property name="type" type="String" value="SampleTAI"/>
<property name="id" type="String" value="SampleTAI"/>
<property name="TAIName" type="String" value="SampleTAI"/>
<property name="invokeBeforeSSO" type="Boolean" value="true"/>
<service>
<provide interface="com.ibm.wsspi.security.tai.TrustAssociationInterceptor"/>
</service>
<implementation class="com.mycomp.SampleTAI"/>
</scr:component>
I discussed the info in this issue further with Ut. Here is a little more background/clarification:
We have two way to implement custom TAI in Liberty, custom TAI as a shared library, the other is custom TAI as Liberty feature.
The custom TAI as a Liberty feature that has two properties invokeBeforeSSO and invokeAfterSSO. If the invokeBeforeSSO property is specified, the custom TAI as a Liberty feature is called before single sign-on. If the invokeAfterSSO property is specified, the custom TAI as a Liberty feature is called after single sign-on. By default, the custom TAI is called after single sign-on
We need document for WLP https://github.com/OpenLiberty/open-liberty/issues/9445