Login Modules and Login Module
Stacks
Login Module
Authentication on the AS Java is performed using predefined authentication classes, compliant with the Java Authentication and Authorization Service (JAAS) specification and referred to as login modules. A login module contains an implementation Java class that defines the authentication logic. The AS Java is delivered with a set of standard login modules that you can extend with custom login module development.
For more
information, see
Login Modules and
Managing Login
Modules.
Authentication Stacks and Policy Configurations
The AS Java enables you to define different authentication logic by using groups of login modules in authentication stacks. Each login module stack, or authentication stack, enables you to choose different combinations of authentication for each of the AS Java components or the applications you create and deploy to the AS Java.
The use of authentication stacks is specified in the policy configurations for the AS Java applications. The various components on the AS Java, for example, Java applications, services, or modules, are registered with the Security Provider service so that you can apply security restrictions to them. The set of security restrictions for a component, which includes authentication and authorization rules, is referred to as a policy configuration.
For more
information, see
Policy Configurations
and Authentication Stacks.
Authentication Templates
The AS Java enables you to use a set of standard authentication stacks as templates for enforcing authentication checks for standard authentication mechanisms, for example for SSO with logon tickets.
You can extend the standard authentication templates by registering new authentication stacks. Thereby, you can simply configure one login module stack and apply it to another registered component.
For more
information, see
Managing Authentication Policy for AS Java
Components.