1. Topics:
  2. Extending security
  3. |
  4. Leveraging Trust Association Interceptors (TAIs)
  1. Modules:
  2. NONE
  3. |
  4. Command line interface tasks

Extending token support

IBM® WebSphere® sMash's authentication provides a pluggable token handling framework to support custom token implementations.

Implement a token service handler

For each of the following event names, implement a handler:

<tokenType>Attach
Creates a new token
<tokenType>Validate
Validates a token
<tokenType>Logout
Handles the logout of a user
The details of the <tokenType> token are described in the following section. You can register the handler in your library or in the application's zero.config file as a handler for those events. For example, if your tokenType is customToken, you would implement a handler with the following methods:
onCustomTokenAttach
Creates a new CustomToken token
onCustomTokenValidate
Validates a CustomToken token
onCustomTokenLogout
Handle logout processing
The following example shows the settings for configuring a custom token named CustomToken in the application or library zero.config file: 
/config/security/token/tokenType="customToken"
/config/handlers += [{
        "events" : ["customTokenAttach", "customTokenValidate", 
                       "customTokenLogout"],
        "handler" : "custom.CustomTokenService.class"
}]

The token type must be set in the GlobalContext at /config/security/token/tokenType.

Version 1.0.0.3.25591