Language and Page Formatting Options
6.4. Identification and Authentication
Each user is assigned a unique user identifier. Access control decisions and auditing use this identifier. JBoss EAP authenticates the user's claimed identity before allowing the user to perform any actions. After successful authentication JBoss EAP associates the identifier with the thread spawned for the user.
JBoss EAP provides different identification and authentication mechanisms for various request types.
- HTTP and Web Services
- HTTP-basic authentication, HTTP-digest authentication, form-based authentication, client certificate based authentication.
- username and password based authentication, client certificate based authentication.
- username and password based authentication.
JBoss EAP uses JBoss SX framework to implement identification and authentication. The JBossSX framework utilizes the Java Authentication and Authorization Service (JAAS) provided by the Java Virtual Machine. The authentication capabilities of JAAS are used to implement the declarative role-based J2EE security model.
The following authentication back-ends are configurable with the JAAS modules.
- File-based storage
- Databases accessible through JDBC
Password quality can be enforced with configuration options for the JAAS modules provided by JBoss EAP.
For information on how to configure the JAAS modules, refer to the Using JBoss Login Modules section of the Server Configuration Guide.