Authentication Mechanisms and Single Sign-On Integration

The AS Java implements the Java Authentication and Authorization Service (JAAS) standard to support various authentication methods. This enables you to choose the authentication mechanisms in your applications based on your authentication needs or requirements.

Applications running on the AS Java can use either declarative or programmatic authentication. Both types of authentication rely on the same underlying technology, login modules and login module stacks. Programmatic authentication also extends declarative authentication by using authentication schemes, which allow you to prioritize login module stacks and specify user interfaces for collecting authentication information.

SAP ships login modules and authentication schemes to support various authentication mechanisms. The following sections describe the underlying concepts:

Declarative and Programmatic Authentication
Explains the difference between declarative (container-based) authentication and programmatic (UME) authentication. The type of authentication that an application uses has consequences for the login module stack it uses and on where you configure authentication.
Login Modules and Authentication Stacks
Provides conceptual information about login modules and login module stacks. Login modules define the authentication logic, whereas authentication stacks enable you to define the sequence of login modules checked for authorizing access to an application.
Authentication Schemes
Provides conceptual information on authentication schemes.
Integration in Single Sign-On Environments
Provides an overview of the integration of the AS Java authentication mechanisms in Single Sign-On environments.