Chapter 16. Java Authentication SPI for Containers (JASPI)

16.1. About Java Authentication SPI for Containers (JASPI) Security

Java Authentication SPI for Containers (JASPI or JASPIC) is a pluggable interface for Java applications. It is defined in JSR-196 of the Java Community Process. Refer to for details about the specification.

16.2. Configure Java Authentication SPI for Containers (JASPI) Security

You can authenticate a JASPI provider by adding <authentication-jaspi> element to your security domain. The configuration is similar to that of a standard authentication module, but login module elements are enclosed in a <login-module-stack> element. The structure of the configuration is:

Example: Structure of the authentication-jaspi Element

    <login-module-stack name="...">
      <login-module code="..." flag="...">
        <module-option name="..." value="..."/>
    <auth-module code="..." login-module-stack-ref="...">
      <module-option name="..." value="..."/>

The login module itself is configured the same way as a standard authentication module.

The web-based management console does not expose the configuration of JASPI authentication modules. You must stop the JBoss EAP running instance completely before adding the configuration directly to the EAP_HOME/domain/configuration/domain.xml file or the EAP_HOME/standalone/configuration/standalone.xml file.