The Java Authentication Service Provider Interface for Containers (JASPIC) specification (Java Authentication Service Provider Interface for Containers) defines a service provider interface (SPI) by which Authentication Configuration Providers (also called authentication modules) that implement message authentication mechanisms can be integrated in server Web application message processing containers or runtimes.
The JASPIC Authentication Configuration Provider assumes responsibility for authenticating the user credentials and returning a Subject. That is, if you configure an Authentication Configuration Provider, it is used instead of the WLS authentication mechanism for Web Applications. WebLogic Server then treats this Subject as it would all others. Authentication Configuration providers integrated through this interface operate on network messages provided to them by the WebLogic Server container. They authenticate incoming Web application messages and return to WebLogic Server the identity (the expected Subject) established as a result of the message authentication.
If you use the WebLogic Server Authentication Configuration Provider, you do not need to implement your own Authentication Configuration Provider, or acquire one from a third party. Instead, you specify the class name of your server authentication module (SAM), and any properties for the SAM. The SAM validates client requests and secures responses to the client.
To configure a WebLogic Server Authentication Configuration Provider:
The JASPIC general page appears.
The JASPIC Authentication Configuration Providers page for the domain appears.
You can accept the suggested name of WLSAuthConfigProvider-0, or use another name of your choice. The Server Authentication Module (SAM) Class Name identifies the Java class name of the SAM this Authentication Configuration Provider uses.
Each property must be on a separate line. For example: property1=value1.