Configuring JAAS for database authentication
You can use Java™ Authentication and Authorization Service (JAAS) for database authentication.
About this task
You can use a JAAS login context entry to specify a custom login module to use for setting the user name and password to authenticate to a database.
Procedure
- Add the appSecurity-2.0, jdbc-4.0, and
jca-1.6 features in the server.xml file. You can also add
appSecurity-2.0, jdbc-4.1, and jca-1.7. For
example:
<featureManager> <feature>appSecurity-2.0</feature> <feature>jdbc-4.0</feature> <feature>jca-1.6</feature> </featureManager>
- Configure a jaasLoginContextEntry element in the
server.xml file with the login module to use. For example:
<jaasLoginContextEntry id="myJAASLoginEntry" name="myJAASLoginEntry" loginModuleRef="myLoginModule" /> <jaasLoginModule id="myLoginModule" className="my.package.MyLoginModule" controlFlag="REQUIRED" libraryRef="customLoginLib"/> <library id="customLoginLib"> <fileset dir="${server.config.dir}" includes="MyLoginModule.jar"/> </library>
- Configure the dataSource element's jaasLoginContextEntry
attribute with the id of the jaasLoginContextEntry element configured in step 2.
For example:
<dataSource id="ds1" jndiName="jdbc/ds1" jdbcDriverRef="DB2" jaasLoginContextEntry="myJAASLoginEntry" .../>
- As an alternative to step 3, you can configure a custom-login-configuration
element in the deployment descriptor ibm-web-bnd.xml file of your application.
The name attribute must match the id attribute for jaasLoginContextEntry that is
defined in the server.xml file. For example:
<resource-ref name="jdbc/ds1ref" binding-name="jdbc/ds1"> <custom-login-configuration name="myJAASLoginEntry"> <property name="property1" value="value1"/> </custom-login-configuration> </resource-ref>
Parent topic: Securing Liberty and its applications


http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-libcore-mp&topic=twlp_config_jaas_db_auth
File name: twlp_config_jaas_db_auth.html