6.4. Identification and Authentication

download PDF
Each user is assigned a unique user identifier. Access control decisions and auditing use this identifier. JBoss Enterprise Application Platform authenticates the user's claimed identity before allowing the user to perform any actions. After successful authentication JBoss Enterprise Application Platform associates the identifier with the thread spawned for the user.
JBoss Enterprise Application Platform provides different identification and authentication mechanisms for various request types.
HTTP and Web Services
HTTP-basic authentication, HTTP-digest authentication, form-based authentication, client certificate based authentication.
Username and password-based authentication, and client certificate based authentication.
Username and password-based authentication.
Username and password-based authentication.
JMX Invokers
Username and password-based authentication.
JBoss Enterprise Application Platform uses JBoss SX framework to implement identification and authentication. The JBossSX framework utilizes the Java Authentication and Authorization Service (JAAS) provided by the Java Virtual Machine. The authentication capabilities of JAAS are used to implement the declarative role-based J2EE security model.
The following authentication back-ends are configurable with the JAAS modules.
  • File-based storage
  • BaseCertLoginModule
  • LDAP
  • Databases accessible through JDBC
Password quality can be enforced with configuration options for the JAAS modules provided by JBoss Enterprise Application Platform.
For information on how to configure the JAAS modules, refer to the "Using JBoss Login Modules" section of the JBoss Security Guide.
Red Hat logoGithubRedditYoutubeTwitter


Try, buy, & sell


About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.