1. Topics:
  2. Extending security
  3. |
  4. Deprecated security functions
  1. Modules:
  2. NONE
  3. |
  4. Using iWidgets with WebSphere sMash

Extending token support

IBM® WebSphere® sMash's authentication provides a pluggable token handling framework to support custom token implementations.

Implement a token service handler

For each of the following event names, implement a handler:
attachToken
Creates a new token
validateToken
Validates a token
invalidateToken
Handles the logout of a user by invalidating the token
The following example shows the settings for configuring a custom token named customToken in the application or library zero.config file: 
/config/security/token/tokenType="customToken"
/config/handlers += [{
	"events" : ["attachToken", "invalidateToken","validateToken"],
	"handler" : "custom.CustomTokenService.class", 
	"conditions" : "/config/security/token/tokenType == customToken"
}]
The token type must be set in the GlobalContext at /config/security/token/tokenType.

The method by which users extend the default token support was rewritten after WebSphere sMash 1.0 was released. If by chance, you were an early adopter for extending token support, please refer to the Deprecated security functions section of the Developer's Guide. Currently, the previously documented way for extending token support will continue to work but we suggest migrating to the latest method detailed above.

Version 1.1.0.0.21442