The JAAS shared state provides sharing of both user ID and password between authentication modules. Options are defined for each authentication module for:
Realm (or, Oraganization)
User
Service
Role
Upon failure, the module prompts for its required credentials. After failed authentication, the module stops running, or the logout shared state clears.
To configure the JAAS shared state:
Use the iplanet-am-auth-shared-state-enabled option.
The usage for the shared state option is:iplanet-am-auth-shared-state-enabled=true
The default for this option is true.
This variable is specified in the Options column of the authentication chaining configuration.
Upon failure, the authentication module will prompt for the required credentials as per the tryFirstPass option behavior suggested in the JAAS specification.
To configure the JAAS shared state store option:
Use the iplanet-amauth-store-shared-state-enabled option.
The usage for the store shared state option is:iplanet-am-auth-store-shared-state-enabled=true
The default for this option is false.
This variable is specified in the Options column of the authentication chaining configuration.
After a commit, an abort or a logout, the shared state will be cleared.