8.4. Custom Trust Association Interceptor
The application server can be configured to use a third-party product to provide authentication services, while continuing to perform authorisation. These products are often referred to as reverse proxy servers. To delegate the role of authentication to a reverse proxy, two conditions must be met.
The reverse proxy must provide a Trust Association Interceptor, which WebSphere will use to receive requests from the reverse proxy server.
A trust association between WebSphere and the reverse proxy must be established.
In order to provide an interceptor, the com.ibm.websphere.security.TrustAssociationInterceptor interface, which defines three methods, must be implemented.
public boolean isTargetInterceptor(HttpServletRequest) ...
Get IBM WebSphere V5.0 Security: WebSphere Handbook Series now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
