Specifies the name of the JAAS system or application
login
configuration.
Do not remove the predefined system
or application login configurations.
However, within these configurations, you can add module class names
and specify the order in which the application server loads each module.
Preconfigured system login configurations
The
following predefined system login configurations are defined on the
system logins panel, which is accessible by completing the following
steps:
- Click .
- Expand Java Authentication
and Authorization
Service, click System logins.
- system.wssecurity.IDAssertionUsernameToken
- Enables a Version 6.x application to use identity assertion to
map a user name to an application server credential principal.
- system.wssecurity.IDAssertion
- Enables an application to use identity assertion to map a user
name to an application server credential principal.
- system.wssecurity.Signature
- Enables
an application to map a distinguished name (DN) in a signed
certificate to an application server credential principal.
- system.LTPA_WEB
- Processes login requests
used by the web container such as servlets
and JavaServer Pages (JSP) files.
- system.WEB_INBOUND
- Handles logins for web application
requests, which include servlets
and JavaServer Pages (JSP) files.
- system.RMI_INBOUND
- Handles logins for inbound Remote Method
Invocation (RMI) requests.
- system.DEFAULT
- Handles the logins for inbound requests
that are made by internal
authentications and most of the other protocols ecept web applications
and RMI requests.
- system.RMI_OUTBOUND
- Processes RMI requests that are sent outbound to another server
when either the com.ibm.CSI.rmiOutboundLoginEnabled or the com.ibm.CSIOutboundPropagationEnabled
properties are true. These properties are set in the Common
Secure Interoperability Version 2 (CSIv2) authentication panel.
To
access the panel, click . Epand RMI/IIOP
security, click CSIv2 Outbound authentication.
To set the com.ibm.CSI.rmiOutboundLoginEnabled property,
select the Custom outbound mapping option.
To set the com.ibm.CSIOutboundPropagationEnabled property,
select the Security attribute propagation option.
- system.wssecurity.509BST
- Verifies an
.509 binary security token (BST) by checking the validity
of the certificate and the certificate path.
- system.wssecurity.PKCS7
- Verifies an .509 certificate with a certificate revocation list
in a Public Key Cryptography Standards #7 (PKCS7) object.
- system.wssecurity.PkiPath
- Verifies an .509 certificate
with a public key infrastructure
(PKI) path.
- system.wssecurity.UsernameToken
- Verifies basic authentication (user name and password).
Application login configurations
The
following
predefined application login configurations are defined on the Application
logins panel, which is accessible by completing the following steps:
- Click .
- Expand Java Authentication
and Authorization
Service, click Application logins.
- ClientContainer
- Specifies the login configuration
that is used by the client container
application. This application uses the CallbackHandler API that is
defined in the deployment descriptor of the client container.
- WSLogin
- Specifies whether all applications
can use the WSLogin configuration
to perform authentication for the application server security run
time.
- DefaultPrincipalMapping
- Specifies
the login configuration that is used by Java 2
Connectors (J2C) to map users to principals
that are defined in the J2C authentication data entries.