The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.
All information submitted is secure.
The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.
Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.
Shane Weeden is a senior software engineer with the IBM Tivoli Federated Identity Manager development team. He has worked in IT security since 1992, and since 2000 has been working with Tivoli Security products including Tivoli Access Manager for eBusiness and Tivoli Federated Identity Manager. Shane now divides his time between customer focused engagements and core product development activities. He holds a Bachelor of Information Technology from the University of Queensland in Australia. (An IBM developerWorks Professional Author)
Ann-Louise Blair is a Software Engineer in the IBM Australia Development Laboratory. She has four years experience working in the IT industry and holds a Bachelor of Software Engineering degree from the University of Queensland. Having worked in both testing and development roles in the Gold Coast Integration Factory team, Ann-Louise has gained expertise working with many Tivoli software products.
Jiayue (Simon) Chen was going to devote his career to building robots until he realized that sniffing fumes from a soldering iron could cause more harm than good. So instead, he's now working as a staff software engineer with the Tivoli Federated Identity Manager development team, where the radiation from the computers in his office keeps him warm. Simon graduated from Georgia Tech with an B.S. in Electrical Engineering and has been with IBM full-time since 2006. His technical interests include Eclipse and OSGi.
Summary: In this tutorial, we will walk through the complete development process for creating a custom trust service (aka Security Token Service or STS) plug-in for Tivoli® Federated Identity Manager (TFIM) 6.2.
Customers might develop their own plug-ins for a variety of reasons including advanced user mapping and attribute gathering capabilities, or to support validation and issuing proprietary security token types.
This tutorial will use as a working example a simple mapping module which adds a configurable name/value parameter pair as an attribute to the TFIM Trust Service's STSUniversalUser.
For those readers familiar with developing STS modules for previous versions of TFIM (see Developing Custom STS Modules),
the development interfaces are largely unchanged; however, the packaging and deployment is different as TFIM 6.2 has now moved to an Open Services Gateway Initiative (OSGi) plug-in framework for extensions.
This OSGi plug-in framework is used for developing a variety of supported extension points in TFIM, including the STSModule extension point which is the focus of this tutorial.