Authentication on the J2EE Engine is performed using predefined authentication classes, referred to as login modules. A login module contains an implementation Java class that defines the authentication logic. For more information, see Login Modules.
On the J2EE Engine you can use or define groups of login modules that contain different authentication logic. Such groups are referred to as login module stacks.
Each login module stack enables you to choose different combinations of authentication for applications you create or for each of the components on the J2EE Engine with applied security restrictions. For more information, see Login Module Stacks.
The various components on the J2EE Engine, for example, J2EE applications, services, or modules, are registered with the Security Provider service so that you can apply security restrictions to them. The set of security restrictions for a component, which comprises of authentication and authorization rules, is referred to as a policy configuration.
You can use a login module stack for a component as an authentication template for other components. You can simply configure one login module stack and apply it to another registered component. For more information, see Managing Login Modules and Managing Policy Configurations.