This new framework defined for JAAS support in WebSphere Application Server includes:
* well-defined interfaces for altering the user subject
* enhanced Trusted Association Interceptor (TAI) support
* explicit documentation for the WebSphere Application Server login process
* the ability to assert complete user credentials to WebSphere Application Server (including group information)
* replication of subjects in a distributed environment
plus a number of beneficial extensions to the security programming model.
This article will describe these new features in detail. The next sections provide some background on the fundamentals of the WebSphere Application Server authentication process and an overview of JAAS, then the remainder of the article will describe the most important aspects of these features as they relate to authentication.
For more details, please visit the url below:
[url]http://www.ibm.com/developerworks/websphere/techjournal/0508_benantar/0508_benantar.html[/url]