Component Authentication Requirements

The requirements for Java™ Authentication and Authorization Service (JAAS) authentication of components are:

  1. An implementation of the JAAS LoginModule class.
  2. A JAR file containing your custom Java class (component) and your LoginModule class implementation.
  3. A JAAS login configuration file. This file contains a section (a LoginContext section) for your component that specifies your LoginModule class implementation and the associated login configuration context. The following entries must appear in this section:
  4. When creating a component queue, the LoginContext section identifier you use must be entered as the Configuration Context value in the JAAS Credentials section of the Add Component Queue Wizard in the Process Configuration Console.

Example: The Content-Extended Operations Component

The Content-Extended Operations component (CE_Operations) is installed with the Process Engine for Content Engine and Content Manager operations. This component uses the following:

See CELoginModule for an HTML version of the source for this class. For links to Sun's related JAAS documentation, see the instructions for creating JAAS authentication modules.

A JAAS login configuration file must have a LoginContext section for the login configuration contexts that the LoginModule will use. For the CE_Operations component, the LoginContext section in the taskman.login.config file is named CELogin. This section identifies and locates the program module or modules that are used for logins by the CE_Operations component.

The CELogin section looks like this:

CELogin
{
    filenet.vw.server.VWLoginModule required routerurl="localhost:32771/vwrouter";	
    com.filenet.wcm.toolkit.server.operations.util.CELoginModule required credTag=Clear;
};

When creating a component queue, "CELogin" is entered as the Configuration Context value in the JAAS Credentials section of the Add Component Queue Wizard in the Process Configuration Console.