The Simple WebSphere authentication mechanism (SWAM) is intended
for simple, non-distributed, single application server run-time environments.
The single application server restriction is due to the fact that SWAM does
not support
forwardable credentials. If a servlet or enterprise bean
in application server process 1, invokes a remote method on an enterprise
bean living in another application server process 2, the identity of the caller
identity in process 1 is not transmitted to server process 2. What is transmitted
is an unauthenticated credential, which, depending on the security permissions
configured on the EJB methods, can cause authorization failures.
Since SWAM
is intended for a single application server process, single signon (SSO) is
not supported.
The SWAM authentication mechanism is suitable for simple
environments, software development environments, or other environments that
do not require a distributed security solution.
Note: SWAM
is not a configurable option when Network Deployer is installed. If you have
Network Deployer installed, use Lightweight Third Party Authentication (LTPA)
as the authentication mechanism.