[8.5.5.9 or later]
This topic applies to WebSphere Application Server Liberty V8.5.5.9 and earlier. For the latest Liberty topics, see the WebSphere Application Server Liberty documentation.

Configuring JAAS for database authentication

You can use Java™ Authentication and Authorization Service (JAAS) for database authentication.

About this task

You can use a JAAS login context entry to specify a custom login module to use for setting the user name and password to authenticate to a database.

Procedure

  1. Add the appSecurity-2.0, jdbc-4.0, and jca-1.6 features in the server.xml file. You can also add appSecurity-2.0, jdbc-4.1, and jca-1.7. For example:
    <featureManager>
       <feature>appSecurity-2.0</feature>
       <feature>jdbc-4.0</feature>
       <feature>jca-1.6</feature>
    </featureManager>
  2. Configure a jaasLoginContextEntry element in the server.xml file with the login module to use. For example:
    <jaasLoginContextEntry id="myJAASLoginEntry" name="myJAASLoginEntry" loginModuleRef="myLoginModule" />
    	<jaasLoginModule id="myLoginModule" className="my.package.MyLoginModule" controlFlag="REQUIRED" libraryRef="customLoginLib"/>
    
    	<library id="customLoginLib">
    	  <fileset dir="${server.config.dir}" includes="MyLoginModule.jar"/>
            </library>
  3. Configure the dataSource element's jaasLoginContextEntry attribute with the id of the jaasLoginContextEntry element configured in step 2. For example:
    <dataSource id="ds1" jndiName="jdbc/ds1" jdbcDriverRef="DB2" 
                jaasLoginContextEntry="myJAASLoginEntry" .../>
  4. As an alternative to step 3, you can configure a custom-login-configuration element in the deployment descriptor ibm-web-bnd.xml file of your application. The name attribute must match the id attribute for jaasLoginContextEntry that is defined in the server.xml file. For example:
    <resource-ref name="jdbc/ds1ref" binding-name="jdbc/ds1">
       <custom-login-configuration name="myJAASLoginEntry">
         <property name="property1" value="value1"/>
       </custom-login-configuration>
    </resource-ref>

Icon that indicates the type of topic Task topic



Timestamp icon Last updated: Tuesday, 12 December 2017
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-libcore-mp&topic=twlp_config_jaas_db_auth
File name: twlp_config_jaas_db_auth.html