The Java Authentication and Authorization Service (JAAS) version 1.0 extends the Java 2 Security Architecture of the Java 2 Platform with additional support for authentication and for enforcing access control upon users. The development environment supports the JAAS architecture and extends the access control architecture to support role-based authorization for J2EE resources including servlet, JSP, and EJB components. JAAS maps an authenticated WebSphere user identity to a set of user authentication data (user ID and password) for a specified back-end Enterprise Information System (EIS).
To add JAAS authentication, follow these steps:
Switch to the J2EE Perspective.
In the Project Explorer view, expand the Enterprise Applications folder.
Under the enterprise application project folder for which you want to add JAAS authentication (Chapter4EAR), double-click the Deployment Descriptor to open the Application Deployment Descriptor editor.
Select the Deployment tab at the bottom of the editor.
Expand the Authentication section.
Click the Add button beside the JAAS authentication entries list table. The Add JAAS Authentication Entry dialog box opens.
In the dialog box, fill in an Alias, User id, Password, and Description for the authentication entry. For example, you could enter the alias, DB2 User id, and DB2 Password to access a DB2 database:
User id: db2admin
Password: [your DB2 password]
Description: Development DB2 User
Save your changes and close the editor. A JAAS authentication alias has been added to the deployment descriptor files.
Open Modify Data Source dialog, enter the following and click Finish:
Component managed authentication alias: Select db2user.