My webMethods Server provides hooks for developers to provide their own custom authentication schemes. To develop a custom authentication scheme, create a portlet, implement the correct interfaces, and register it with the server. Once created, the new authentication scheme participates in the security infrastructure just like any other authentication scheme that is provided as part of My webMethods Server.

My webMethods Server has a concept of a default authentication scheme that is applied to an entire deployment. A newly configured server uses forms as its default authentication scheme. The server challenges initial requests for protected resources with a form requiring the user to type a user name and password.

At any time, you can change the default authentication scheme for a server to one of the registered authentication schemes. For more information, see Specifying a Default Authentication Scheme.

Every server resource can have an authentication scheme that overrides the setting for the entire deployment. For example, you might have one set of pages and portlets that are completely anonymous and others that require user credentials to be presented. You would do this by associating the anonymous authentication scheme with the resources that do not require authentication. For information on managing authentication schemes for individual server resources, see Assigning an Authentication Scheme to a Server Resource.