Authentication Mechanisms and Single Sign-On
Integration
The J2EE Engine implements the Java Authentication and Authorization Service (JAAS) standard to support various authentication methods. This enables you to choose the authentication mechanisms in your applications based on your authentication needs or requirements.
Applications running on the J2EE Engine can either use declarative or programmatic authentication. Both types of authentication rely on the same underlying technology, login modules and login module stacks. Programmatic authentication extends declarative authentication by using authentication schemes, which allow you to prioritize login module stacks and specify user interfaces for collecting authentication information.
SAP ships login modules and authentication schemes to support various authentication mechanisms. The following sections describe these concepts:
● Declarative and Programmatic Authentication
Explains the difference between declarative (container-based) authentication and programmatic (UME) authentication. The type of authentication that an application uses has consequences for the login module stack it uses and on where you configure authentication.
● Login Modules and Login Module Stacks
Here we provide conceptual information about login modules and login module stacks. Login modules define the authentication logic. Login module stacks enable you to define the sequence of authentication logic performed for an application.
Here we provide conceptual information on authentication schemes.
● Integration in Single Sign-On Environments
Here you can find an overview of the integration of the AS-Java authentication mechanisms in Single Sign-On environments.
See also:
Administration Manual:
Development Manual:
●
Authentication
for Web Applications Users on the J2EE Engine