The JAAS
LoginModule API is used for token validation
on the request receiver side of the message. You can implement a custom
LoginModule API to perform validation of the custom token on the request
receiver of the message. After the token is verified and validated,
the token is set as the caller and then run as the identity in the WebSphere Application Server runtime. The
identity is used for authorization checks by the containers before
a Java Platform, Enterprise Edition (Java EE) resource is invoked. The following
list presents the default
AuthMethod configurations
provided by WebSphere Application Server:
- BasicAuth
- Validates a user name token.
- Signature
- Maps the distinguished name
(DN) of a verified certificate to
a Java Authentication and Authorization Service
(JAAS) subject.
- IDAssertion
- Maps
a trusted identity to a JAAS subject.
- LTPA
- Validates an LTPA token that is received in the message and creates
a JAAS subject.