I'm using WebSphere Application 8.5.5.17.
After switching to custom Trust association interceptor (TAI) from webgate, IBM Websphere does not generate LtpaToken2 for Single-sign on. The TAI is loading just fine without any issue.
Are there extra settings that need to be done?
Since the TAI is loading fine, it's probably having an issue during its runtime. The TAI must execute successfully in order for WebSphere to produce an LtpaToken2. I found some documentation here that explains how to enable the debug property for the TAI, which might help in terms of finding out what's going wrong: https://docs.oracle.com/cd/E29542_01/doc.1111/e17852/manage_was_oamiap.htm#THIRD4077
WebSphere also has the following trace specification that will show the TAI being invoked during web requests, but won't show any actual TAI activity (because the TAI itself is not WebSphere code): =info:com.ibm.ws.security.web.=all