Configure login modules
Login modules are defined in <loginModule> elements in authenticationConfig.xml.
The <loginModules> element contains a separate <loginModule> subelement for each login module.
The <loginModule> element has the following attributes:
Attribute Description name Mandatory. The unique name by which realms reference the login module. audit Optional. Defines whether login attempts that use the login module are logged in the audit log. The log file is Worklight Project Name/server/log/audit/audit.log. Valid values are:
- true
- Login and logout attempts are logged in the audit log.
- false
- Default. Login and logout attempts are not logged in the audit log.
The <loginModule> element has the following subelements:
Element Description <className> Mandatory. The class name of the login module. For details of the supported login modules, see the following topics.
<parameter> Optional. An initialization property of the login module. The supported properties and their semantics depend on the login module class. This element can occur multiple times.
- Non-validating login module
The non-validating login module accepts any user name and password passed by the authenticator.
- Single identity login module
The single identity login module is used to grant access to a protected resource to a single user, the identity of which is defined in worklight.properties. Use this module only for test purposes.
- Header login module
The Header login module is always used with the Header authenticator. It validates the request by looking for specific headers.
- WASLTPAModule login module
The WASLTPAModule login module enables integration with WebSphere Application Server LTPA mechanisms.
- LDAP login module
Use the LDAP login module to authenticate users against LDAP servers, for example Active Directory, or OpenLDAP.
Parent topic: MobileFirst security framework