Enable JASPI authentication using the Map JASPI provider option during application deployment

WAS v8.5 > Develop applications > Develop security > Develop extensions to the WebSphere security infrastructure > Implement a custom authentication provider using JASPI
Enable JASPI authentication using the Map JASPI provider option during application deployment

An administrator or deployer can use the Map JASPI Provider option during application deployment to associate web applications and specific web modules with an existing Java Authentication SPI (JASPI) authentication provider as defined in the security configuration. This association can also be made when editing the options for a previously installed application.

Before you perform this task, verify that a JASPI authentication provider is defined as part of the global or domain security configuration. Read about Configure a new JASPI authentication provider for more information. By default, an application inherits the JASPI settings defined in the WebSphere Application Server global or domain security configuration, and web modules inherit the application setting. However, we can override these default values using the Map JASPI Provider option during application deployment. Use this option to associate a specific JASPI provider from the global or domain security configuration with the entire application or with specific web modules. We can also use this option to specify that JASPI authentication not be used for an application or specific web module.
To associate a web application or specific web modules with an existing JASPI provider:

From the dmgr console, click Applications > New Application > New Enterprise Application. Complete the required steps until you see the step for Map JASPI Provider, or click the Map JASPI Provider step from the installation options. A list containing the application name and associated web modules is displayed. To update a JASPI provider association after an application has been deployed, click Applications > Application Types > WebSphere enterprise applications, and then select the application to be modified. Click JASPI Provider under the Detail properties.
Select the application or specific web module for which the JASPI provider setting is to be modified.

Click the Select JASPI Provider menu and select one of the following options:

Do not use JASPI

Select to disable JASPI authentication for the selected web module or for the application.

Inherit JASPI provider

Select to inherit the JASPI authentication settings from default values in the cell or domain security configuration, as appropriate.
When Inherit JASPI provider is selected for a web module, JASPI authentication settings for the selected module are the settings specified for the application.
When Inherit JASPI provider is selected for the application, JASPI authentication settings are the settings specified in the appropriate cell or domain security configuration.

Provider name

When a specific provider name is selected, that provider name is used to perform authentication of web requests for the selected application or web module.

Complete the remaining steps to finish installing and deploying the application.

Verify that your server has been restarted to ensure the configuration changes to define the JASPI provider take effect. Read about Configure a new JASPI authentication provider for more information.

Related

Implement a custom authentication provider using JASPI
Configure a new JASPI authentication provider
Modify an existing JASPI authentication provider
Delete a JASPI authentication provider

Reference:

JaspiManagement command group for AdminTask
JASPI authentication providers page
JASPI authentication provider details

+
Search Tips | Advanced Search