Setting Up the JAAS Configuration File
Set up one configuration file per JVM. A JAAS configuration file comprises the following:
One or more login contexts.
One or more login modules in each login context. Login modules are listed in the order they should be called by the application.
Classification of login modules, defined using flags such as required, requisite, or optional.
Parameters that specify the type of authentication to use, such as check_crl_status=true.
Comments that provide useful information about the file contents.
Different types of Principals are derived from an available Subject. The Principals architecture in Security Infrastructure is based on an abstract class called AbstractSagPrincipal, and all other SAG Principals extend it. Security Infrastructure provides some implemented classes for common use cases; these classes are SagUserPrincipal, SagGroupPrincipal, SagRolePrincipal, LightWeightPrincipal. Security Infrastructure returns no or only one user Principal for the authenticated user. Many applications expect one and only one SagUserPrincipal as the result of a successful authentication. However, a different expected behavior cannot be excluded. Make sure you configure the login contexts accordingly.