Configuring JAAS Authentication with HTTP Headers

You can configure Universal Messaging to use custom HTTP headers in the form of key value pairs from the client HTTP connection request for JAAS authentication. When you enable this authentication method, the server passes the HTTP headers to the JAAS login context that you have specified in the jaas.conf configuration file in the Software AG_directory \UniversalMessaging\server\instance_name\bin directory. The login context must contain one or more custom login modules that are implemented using the Software AG Security Infrastructure (SIN) component.

To use JAAS authentication with HTTP headers, you must perform the following tasks:

1. Create a custom authentication module that will read and process the specified HTTP headers. The implementation of the module must be based on the SIN login module SagAbstractLoginModule. For more information about creating a custom login module using SagAbstractLoginModule, see Software AG Infrastructure Administrator's Guide.

2. Create a login context in the jaas.conf file and add your custom module to it. For more information about working with the JAAS configuration file, see Software AG Infrastructure Administrator's Guide.

3. Enable JAAS authentication with HTTP headers in Universal Messaging. For more information about how to enable authentication, see Enabling Authentication with HTTP Headers.