Writing a custom System Authorization Facility (SAF) mapping module with non-local operating system
You can customize Java™ Authentication and Authorization (JAAS) login configurations by writing a customized login mapping module.
Before you begin
About this task
If a non-local operating system registry is configured and the Authorization option is selected, you must install a mapping class followed by the com.ibm.ws.security.common.auth.module.MapPlatformSubject login module. A sample mapping class, com.ibm.websphere.security.SampleSAFMappingModule, is shipped with WebSphere Application Server and can be used as a starting point. The mapping class must be placed in the JAAS configuration to provide mapping from a registry other than local operating system to a SAF user ID prior to enabling administrative security. The Authorization option is accessible by completing the following steps:
Procedure
- Click Security > Global security.
- Under Additional properties, click z/OS® SAF properties.
What to do next
See other articles about JAAS and SAF.