Customizing application login with Java Authentication and Authorization Service

Using Java™ Authentication and Authorization Service (JAAS), you can customize your application login.

About this task

Java Authentication and Authorization Service (JAAS) is an API that enables applications to access authentication and access control services without being tied to those services. The following topics explaining customizing your application with JAAS are covered in this section:

1. Develop programmatic logins with JAAS.
   1. You can develop programmatic logins with JAAS, which represents the strategic application programming interfaces (API) for authentication.
2. Configure programmatic logins with JAAS.
   1. A new JAAS login configuration can be added and modified using the administrative console. The changes are saved in the cell-level security document and are available to all managed application servers.
3. Customize an application login to perform an identity assertion using JAAS.
   1. Using the JAAS login framework, you can create a JAAS login configuration that can be used to perform login to an identity assertion.
4. Configure a server-side JAAS authentication and login configuration.
   1. WebSphere® Application Server supports plugging in a custom JAAS login module before or after the WebSphere Application Server system login module. However, WebSphere Application Server does not support the replacement of the WebSphere Application Server system login modules, which are used to create the WSCredential credential and WSPrincipal principal in the Subject. By using a custom login module, you can either make additional authentication decisions or add information to the Subject to make additional, potentially finer-grained, authorization decisions inside a Java Platform, Enterprise Edition (Java EE) application.