The entire set of session creation methods of the Universal Messaging client and admin APIs for Java (nsp/nsps/nhp/nhps, native and JMS) have overloaded variants that accept username/password credentials which are then supplied to the Universal Messaging server.

The Universal Messaging server enables those credentials to be authenticated against pluggable Directory backends (ranging from LDAP to flat files) or by means of JAAS-based methods (based on user-configurable pluggable modules).

Note that authentication does not supplant the traditional Universal Messaging ACLs and is merely an additional security step performed before the relevant ACLs are evaluated and applied.

The exchange of user credentials can be performed by means of either SASL (embedded within the Universal Messaging SDK) or JAAS (controlled by user-configurable pluggable modules).

The configuration is determined by a set of Java system properties on both the client and server side, the latter typically centralized in the nserver.conf or nserverdaemon.conf configuration file. nserver.conf is used if you start the realm server manually, e.g. from the command line. nserverdaemon.conf is used if you start the realm server as a Windows service or as a UNIX daemon.