Simple WebSphere authentication mechanism (deprecated)

The Simple WebSphere® authentication mechanism (SWAM) defines rules about security information and the format in which that information is stored in both credentials and tokens. SWAM is intended for simple, non-distributed, single application server runtime environments.

Note: SWAM was deprecated in WebSphere Application Server Version 8.0 and will be removed in a future release.

The single application server restriction exists because SWAM does not support forwardable credentials. If a servlet or enterprise bean in application server process 1 invokes a remote method on an enterprise bean running in another application server process 2, the identity of the caller in process 1 is not transmitted to server process 2. Instead, an unauthenticated credential is transmitted, which, depending on the security permissions configured on the EJB methods, can cause authorization failures.

Because SWAM is intended for a single application server process, single sign-on (SSO) is not supported.

The SWAM authentication mechanism is suitable for simple environments, software development environments, or other environments that do not require a distributed security solution.




Related concepts
Security attribute propagation
Related tasks
Authenticating users
Selecting an authentication mechanism

Last updated: Sep 19, 2011 5:16:49 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-base-iseries&topic=csecswam
File name: csec_swam.html