Configuring container-managed EIS signon

In WebSphere® Application Server Version 6 and later, the container-managed authentication is superseded by the specification of a login configuration on the resource-reference mapping at deployment time.

About this task

The <res-auth>Container</res-auth> directive in the application deployment descriptor file that you set in your Rational® or WebSphere development environment is replaced by the setting of the resource reference that is used by your application.
Configuring container-managed EIS signon consists of:
  1. Creating a Java™ Authentication and Authorization Service (JAAS) authentication data entry alias to be used to provide the user ID and password used for EIS signon.
  2. Configuring your application or connection factory to use the appropriate JAAS authentication alias.

To configure for container-managed EIS signon:

Procedure

  1. Create a JAAS - J2C authentication data entry alias and specify the user ID and password.
    1. In the WebSphere Application Server administrative console, click Security.
    2. Click Global security.
    3. In the global security page, under the Authentication section, click to expand Java Authentication and Authorization Service and then click J2C authentication data.
    4. In the JAAS - J2C authentication data page, click New.
    5. Specify an alias name, and specify the user ID and the password to be used by your application for signon when connecting to IMS.
      Figure 1. Specification of a security alias to use for J2C authentication
      This diagram shows the specification of an alias name, and the user ID and the password to use for this security alias.
    6. Click OK, and click Save at the top of the page.
  2. Configure your application or connection factory to use the appropriate JAAS authentication alias.
    • To configure an application, in the administrative console:
      1. Click Applications > Application Types (for example, WebSphere enterprise applications).
      2. Click the name of your application from the list of applications.
      3. Under the References section, click Resource references.
      4. Click Modify Resource Authentication Method.
      5. Select the authentication method, and select the module in the table that the authentication method applies to.
        Figure 2. Specification of the authentication method for your application
        This diagram shows the specification of an authentication method and the security alias to use for the selected application.
        Tip: When no authentication is specified, the deprecated container-managed authentication alias on the data source or connection factory is used. Use the online help that is provided to assist you with your configuration.
      6. Click Apply, and click Save to save the changes.
    • To configure a connection factory, in the administrative console:
      1. Click Resources > Resource adapters > J2C connection factories.
      2. Click the name of the connection factory.
      3. Specify the component-managed authentication alias, or the container-managed authentication alias.
        Figure 3. Specification of the security setting and authentication alias for a J2C connection factory
        This diagram shows the specification of the security setting for a J2C connection factory.
        Tip: The container-managed authentication alias field is used only in the absence of a login configuration on the component resource reference. Use the online help that is provided to assist you with your configuration.
      4. Click OK, and click Save at the top of the page to save the changes.
    Tip: The process for configuring container-managed signon in a stand-alone WebSphere Application Server is the same as the process for a WebSphere Application Server in a unit test environment.