Each security module has a control flag that determines how the overall authentication process behaves. The control flag value indicates whether the success of the security module is:
Required – the LoginModule is required to succeed. If it succeeds or fails, authentication still continues to proceed down the LoginModule list.
Requisite – the LoginModule is required to succeed. If it succeeds, authentication continues down the LoginModule list. If it fails, control immediately returns to the application (authentication does not proceed down the LoginModule list).
Sufficient – the Login Module is not required to succeed. If it does succeed, control immediately returns to the application (authentication does not proceed down the LoginModule list). If it fails, authentication continues down the LoginModule list.
Optional – the LoginModule is not required to succeed. If it succeeds or fails, authentication still continues to proceed down the LoginModule list.