SagAbstractLoginModule
SagAbstractLoginModule is the basic login module in
Security Infrastructure. It provides you with a commit() method that uses the global configuration parameters. See
Define the Login Modules for details.
You can extend this login module to create your own login modules. You can use this login module to create the SagUserPrincipals with the information stored in the shared map through the authentication process.
When setting up the JAAS configuration, keep in mind the following basics:
The
Security Infrastructure-based login contexts return zero or only one SagUserPrincipal if the authentication succeeds. When setting up the JAAS configuration, keep in mind that some applications expect only one SagUserPrincipal as the result of a successful authentication. If your application expects more than one user principal, you must configure the login context accordingly.
Keeping the password in clear text in the Subject.privateCredentials may constitute a security risk, depending on how the Subject is handled. However, there are use cases where the password needs to be accessible through the Subject, so you must store the password only if needed.