This topic applies only on the z/OS operating system.

Writing a custom System Authorization Facility (SAF) mapping module with non-local operating system

You can customize Java Authentication and Authorization (JAAS) login configurations by writing a customized login mapping module.

Before you begin

The WebSphere Application Server ltpaLoginModule module and the AuthenLoginModule module use the shared state to save state information with the capability to allow LoginModules can modify state information. The ltpaLoginModule initializes the callback array in the login() method using the following code. The callback array is created by ltpaLoginModule only if an array is not defined in the shared state area.

About this task

If a non-Local OS registry is configured and the Authorization option is selected, you must install a mapping class followed by the com.ibm.ws.security.common.auth.module.MapPlatformSubject login module. The mapping class must be placed in the JAAS configuration to provide mapping from a registry other than Local OS to a SAF user ID prior to enabling global security. The Authorization option is accessible by completing the following steps:

Procedure

  1. Click Security > Global security.
  2. Under Additional properties, click z/OS SAF properties.

What to do next

See other articles about JAAS and SAF.




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Sep 20, 2010 10:03:57 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-zos&topic=tsec_writesafmapmods
File name: tsec_writesafmapmods.html