Over time, you may need to modify or replace authentication infrastructure due to deficiencies, enhancements, or applications requiring a different security policy. EAServer support for JAAS login modules simplifies replacement and modification of the underlying authentication mechanism.
Configure domain-wide login modules that are used to authenticate clients trying to gain access to applications, Web applications, and servlets/JSPs. The JAAS login method (see “Login methods”) points to the JAAS configuration file, which determines the login module to use for a specific domain.
Based on the contents of the configuration file, EAServer invokes any specified login modules. If a login module is not defined, JAAS is bypassed and the server uses the regular mechanism, if any, for authentication. For example, if credentials are passed to a server and no login module is defined, the server uses operating system authentication, if enabled.
If a login module is defined, it overrides any other authentication service that may be installed, and passes the request for authentication to the login module.
