Novell ACCESS MANAGER 3.1 SP2 - J2EE AGENT GUIDE 2010 Manual page 78

7 Select Interceptors.
8 Remove both default TAI modules:
com.ibm.ws.security.web.TAMTrustAssociationInterceptorPlus
com.ibm.ws.security.web.WebSealTrustAssociationInterceptor
9 Click New.
10 Specify the following Interceptor class name:
com.novell.consulting.nl.accessmanager.tai.Roller
11 Select Apply.
12 Select Custom Properties.
13 Select New to add the following name/value pairs:
user-name-header = X-Novell-TAI-UserName
user-id-header = X-Novell-TAI-UID
secret-header = X-Novell-TAI-ID
secret-value = 23870790790732232
cache-key-header = X-Novell-TAI-Cookie
role-header = X-Novell-TAI-Roles
role-separator = ;
presentation-container =
update-connection = ldap://<ldapserver DNS name>:389
update-user =
(for example, cn=wpstaibind,ou=Admins,ou=Services,o=MyOrg)
update-password = <password of wpstaibind user>
update-container = <Container where groups are to be stored>
ou=Groups,o=MyOrg)
update-roles = role1;role2;role3;role4;
do not embed white space in role names)
presentation-roles = wasadmins
debug-level = info
14 Save the changes.
WebSphere Portal Server and WebSphere Application Server need to be restarted before the TAI is
enabled. Logging is placed in the
78 Novell Access Manager 3.1 SP2 J2EE Agent Guide
(Use whatever value you want)
(for example, ou=Groups,o=MP)
Provide the DN of user in the same format that was created in eDirectory
SystemOut.log
(Roles should be separated by semicolons;
file.
(for example,