Java Authentication and Authorization service configuration entry settings:

Java Authentication and Authorization service configuration entry settings

Use this page to specify a list of Java Authentication and Authorization Service login configurations for the application code to use, including enterprise beans, Java Server Pages files, servlets and resource adapters.
Security > JAAS Configuration > Application Login Configuration.

Reading the JAAS documentation in the InfoCenter before you begin defining additional login modules for authenticating to the WebSphere Application Server security run time is strongly recommended. One can define additional login configurations for your applications. However, if the WebSphere Application Server LoginModule ( com.ibm.ws.security.common.auth.module.WSLoginModuleImpl ) is not used or the LoginModule does not produce a credential that is recognized by WebSphere Application Server, then the WebSphere Application Server security run time cannot use the authenticated subject from these login configurations for an authorization check for resource access.

Note: You must invoke Java client programs that use JAAS for authentication with a JAAS configuration file specified. The WebSphere product supplies the default JAAS configuration file, wsjaas_client.conf under the /opt/WebSphere/properties" directory. This configuration file is set in the //opt/WebSphere/bin/launchClient.bat file as: set JAAS_LOGIN_CONFIG=-Djava.security.auth.login.config=%WAS_HOME%\properties\wsjaas_client.conf
If launchClient.bat file is not used to invoke Java client programs, make sure the appropriate JAAS configuration file is passed to the Java Virtual Machine with the -Djava.security.auth.login.config flag.

ClientContainer

Specifies the login configuration used by the client container application, which uses the CallbackHandler API defined in the client container deployment descriptor.
ClientContainer is the default login configuration for the WebSphere Application Server. Do not remove this default, as other applications that use it fail.

Default: ClientContainer

DefaultPrincipalMapping

Specifies the login configuration used by Java 2 Connectors to map users to principals that are defined in the J2C Authentication Data Entries.
DefaultPrincipalMapping is the default login configuration for the WebSphere Application Server. Do not remove this default, as other applications that use it fail. The DefaultPrincipalMapping login configuration authenticates users for the WebSphere Application Server security run time. Use credentials from the authenticated subject returned from this login configuration as an authorization check for access to WebSphere Application Server resources.

Default: ClientContainer

WSLogin

Specifies whether all applications can use the WSLogin configuration to perform authentication for the WebSphere Application Server security run time.
This login configuration does not honor the CallbackHandler defined in the client container deployment descriptor. To use this functionality, use the ClientContainer login configuration.
WSLogin is the default login configuration for the WebSphere Application Server. Do not remove this default, as other applications that use it fail. This login configuration authenticates users for the WebSphere Application Server security run time. Use credentials from the authenticated subject returned from this login configurations as an authorization check for access to WebSphere Application Server resources.

Default: ClientContainer

JAAS
Administrative console buttons
Administrative console page features
Administrative console scope settings
Administrative console filter settings
Administrative console preference settings

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.

IBM is a trademark of the IBM Corporation in the United States, other countries, or both.