Configuring a JAAS custom login module for Liberty
You can configure a custom Java™ Authentication and Authorization Service (JAAS) login module before or after you have configured the Liberty server login module.
Before you begin
We support the server.xml file,
client.xml file and the JAAS configuration file for JAAS configuration.
However, it is suggested to configure the JAAS custom login module in the
server.xml file or client.xml file. For further details
about configuring the JAAS configuration file, see Configuring an application JAAS custom login context entry and login module using a JAAS configuration file for Liberty.
Make sure you have a JAR file containing the JAAS custom login module, which implements the javax.security.auth.spi.LoginModule interface as described in Developing JAAS custom login modules for a system login configuration. In this topic, JAAS custom login module uses hashtable, callbacks or shared state variables provided by the Liberty server to pass authentication data to the system login module.
About this task
You can use a custom login module to either make additional authentication decisions or add information to the subject to make finer-grained authorization decisions inside your application. See JAAS configuration and JAAS login modules for a more detailed overview.
You can also use the developer tools to configure a custom JAAS login module. See Configuring JAAS on Liberty by using developer tools. There are several security configuration examples on the WASdev.net website for reference when configuring security for your applications on Liberty. See Configuring JAAS on Liberty by using developer tools.
To configure a JAAS custom login module, complete the following steps: