The Java™ Authentication and Authorization Service (JAAS)
version 1.0 extends the Java 2 Security Architecture of the Java 2
Platform with additional support for authentication and for enforcing access
control upon users. The development environment supports the JAAS architecture
and extends the access control architecture to support role-based authorization
for J2EE resources including servlet, JSP, and EJB components. JAAS maps an
authenticated WebSphere® user
identity to a set of user authentication data (user ID and password) for a
specified back-end Enterprise Information System (EIS).
Prerequisite
- Create an enterprise application and target the server to WebSphere Application
Server v6.0.
To add JAAS authentication, follow these steps:
- Switch to the J2EE perspective.
- In the Project Explorer view, expand the Enterprise
Applications folder.
- Under the enterprise application project folder for which you want
to add JAAS authentication, double-click the Deployment Descriptor to
open the Application Deployment Descriptor editor.
- Select the Deployment tab at the bottom
of the editor.
- Expand the Authentication section.
- Click the Add button beside the JAAS authentication
entries list table. The Add JAAS Authentication Entry dialog box
opens.
- In the dialog box, fill in an alias, user id, password, and description
for the authentication entry. For example, you could enter the
alias, DB2® user
id, and DB2 password
to access a DB2 database.
For more information about any of the fields on this dialog box, select the
field and then press F1. Click OK.
- Save your changes and close the editor. A JAAS authentication
alias has been added to the deployment descriptor files.