Add and receive the custom authentication token during WebSphere
Application Server logins. This task is typically accomplished
by adding a custom login module to the various application and system login
configurations. However, to deserialize the information you must plug in a
custom login module. After the object is instantiated in the login module,
you can add the object to the Subject during the commit method.If you only
want to add information to the Subject to get propagated, see Propagating a custom Java serializable object. If you want to ensure that
the information is propagated, do your own custom serialization, or specify
the uniqueness for Subject caching purposes, consider writing your own authentication
token implementation.
The code sample in Example: A custom authentication token login module, shows how
to determine if the login is an initial login or a propagation login. The
difference between these login types is whether the WSTokenHolderCallback
callback contains propagation data. If the callback does not contain propagation
data, initialize a new custom authentication token implementation and set
it into the Subject. If the callback contains propagation data, look for your
specific custom authentication token TokenHolder instance, convert the byte
array back into your custom AuthenticationToken object, and set it back into
the Subject. The code sample shows both instances.
You can make your
authentication token read-only in the commit phase of the login module. If
you do not make the token read-only, attributes can be added within your applications.