Universal Messaging 10.11 | Concepts | Security | Authentication | Server JAAS Authentication with Software AG Security Infrastructure | Enabling JAAS Authentication
 
Enabling JAAS Authentication
By default the Universal Messaging server is configured to use a JAAS context named UM-Default. This JAAS context is pre-configured to use the Software AG default internal user repository as an authentication back-end.
The JAAS context UM-Default, as well as JAAS contexts for LDAP, X.509 and others, are all defined in a file jaas.conf, that resides under the server's bin directory at <InstallDir>/UniversalMessaging/server/<InstanceName>/bin.
The server configuration file Server_Common.conf (again under the server's bin directory) defines the path to the JAAS configuration file as the value of the system property java.security.auth.login.config. The name of the JAAS context to be used for authentication is configured through the system property Nirvana.auth.server.jaaskey.
Note:
When the property Nirvana.auth.server.jaaskey is present, the server will use JAAS authentication, overriding any configured legacy directory-based authenticators.
The default values that Server_Common.conf defines for its related Universal Messaging server instance are:
-DNirvana.auth.enabled=N
-DNirvana.auth.mandatory=N
-DNirvana.auth.server.jaaskey=UM-Default
-Djava.security.auth.login.config=jaas.conf
Important:
In order to enable the server authentication, you need to switch the flag Nirvana.auth.enabled to Y. Additionally, in order to make authentication mandatory, you need to switch the flag Nirvana.auth.mandatory to Y. The changes will take effect at the next restart of the Universal Messaging server.