JAAS in WebSphere
JAAS exploits both authentication and authorization services by implementing a Java version of the standard Pluggable Authentication Module (PAM) framework, and extends the access control architecture of the Java 2 platform in a compatible fashion to support user-based authorization or principal-based authorization.
JAAS configuration can be performed from the Administrative Console. JAAS configuration is originally written in plain text files. Although the plain file configuration is still available and supported in WebSphere, it is recommended that you use the Administrative Console.
WSSubject (com.ibm.websphere.security.auth.WSSubject) is an extension to the original Subject. The WSSubject implementation can return the subject in the running thread using the getSubject() method inside a doAs() method. This is not the case with the original JAAS V1.0 implementation.
Proxy LoginModule is responsible for loading the actual LoginModule. The reason for a proxy loader is to resolve class visibility. The proxy is an internal component, it is not going to effect application developers or administrators.