In WebSphere® Application
Server Version
6 and later, the container-managed authentication is superseded by
the specification of a login configuration on the resource-reference
mapping at deployment time.
About this task
The
<res-auth>Container</res-auth> directive
in the application deployment descriptor file that you set in your Rational® or WebSphere development environment is replaced
by the setting of the resource reference that is used by your application.
Configuring
container-managed EIS signon consists of:
- Creating a Java™ Authentication
and Authorization Service (JAAS) authentication data entry alias to
be used to provide the user ID and password used for EIS signon.
- Configuring your application or connection factory to use the
appropriate JAAS authentication alias.
To configure for container-managed EIS signon:
Procedure
- Create a JAAS - J2C authentication data entry alias and
specify the user ID and password.
- In the WebSphere Application
Server administrative
console, click .
- Click Global security.
- In the global security page, under the Authentication section,
click to expand Java Authentication and Authorization Service and
then click J2C authentication data.
- In the JAAS - J2C authentication data page, click New.
- Specify an alias name, and specify the user ID and the
password to be used by your application for signon when connecting
to IMS™.
Figure 1. Specification of a security alias to use for
J2C authentication
- Click OK, and click Save at
the top of the page.
- Configure your application or connection factory to use
the appropriate JAAS authentication alias.
- To configure an application, in the administrative console:
- Click (for example, WebSphere
enterprise applications).
- Click the name of your application from the list of applications.
- Under the References section, click Resource references.
- Click Modify Resource Authentication Method.
- Select the authentication method, and select the module in the
table that the authentication method applies to.
Figure 2. Specification of the authentication method for your application
Tip: When no authentication is specified, the deprecated
container-managed authentication alias on the data source or connection
factory is used. Use the online help that is provided to assist you
with your configuration.
- Click Apply, and click Save to
save the changes.
- To configure a connection factory, in the administrative console:
- Click .
- Click the name of the connection factory.
- Specify the component-managed authentication alias, or the container-managed
authentication alias.
Figure 3. Specification of
the security setting and authentication alias for a J2C connection
factory
Tip: The container-managed authentication alias
field is used only in the absence of a login configuration on the
component resource reference. Use the online help that is provided
to assist you with your configuration.
- Click OK, and click Save at
the top of the page to save the changes.
Tip: The process for configuring container-managed
signon in a stand-alone WebSphere Application
Server is the same
as the process for a WebSphere Application
Server in a unit
test environment.