Although the method for configuring container-managed EIS signon
is deprecated in WebSphere® Application Server Version 6, this topic
uses a Dynamic Web Project to illustrate how to configure an application component
for container-managed EIS signon.
This configuration setting is reflected by the
<res-auth>Container</res-auth> directive
of the resource reference used by your application.
Configuring container-managed
EIS signon consists of:
- Setting the Authentication directive in the resource reference used by
your application to Container.
- Creating a JAAS Authentication Entry alias to be used to provide the User
ID and Password used for EIS signon.
- Configuring your application or connection factory to use the appropriate
JAAS Authentication Alias.
Detailed steps are described below.
- Set the Authentication directive to Container. Typically
this would be done by modifying the deployment descriptor of your application
in the development environment as follows:
- Right-click Deployment Descriptor: PhoneBookWeb and
select Open With > Deployment Descriptor Editor. For
a dynamic web project, open the web project in the deployment descriptor editor.
- Navigate to the resource reference in your application's deployment
descriptor and set the Authentication property to Container.
- Save your changes and close the web deployment descriptor editor.
The following code will be added to the deployment descriptor of your Web
application: <res-auth>Container</res-auth>
- Create a JAAS Authentication Entry. Create a JAAS Authentication
Entry alias to be used to provide the User ID and Password used for EIS signon
by completing the following steps:
- Under Related Items, click J2EE Connector Architecture
(J2C) authentication data entries. Navigate to the security settings
page which contains the JAAS Authentication Entries.
- Above the list of aliases, click New.
- Add a new entry containing the User ID and Password to be used
by your application for signon when connecting to IMS™.
- Enter an alias name, the User ID and Password to be used for IMS signon
and an optional description. Select OK. Save your changes.
- Configure your application or connection factory to use the appropriate
JAAS Authentication Alias. The recommended way to do this in WAS
V6 and later servers is to set the Container-managed Authentication Alias
on the resource reference in your application's deployment descriptor. An
alternative way that is now deprecated is to set the Container-managed authentication
alias property of the J2C connection factory used by your application. You
can do this when you first create the connection factory or later by editing
the connection factory. To set the Container-managed Authentication Alias
on the resource reference in your application's deployment descriptor, complete
the following steps:
- For a dynamic web project, open the web project in the deployment descriptor
editor.
- Navigate to the resource reference in your application's deployment descriptor
and select the JAAS Authentication Alias you created above from the list of
selections for the Authentication Alias property.
- Select OK.
To set the Container-managed Authentication Alias on
the J2C connection factory used by your application, complete the following
steps:
- In the Administrative Console for the server you selected, navigate
to the connection factory that you wish to modify. For example, Resource
adapters > server_name > J2C connection factories > connection_factory_name.
- In the Container-managed authentication frame, select the JAAS
Authentication Alias you created above from the Container-managed authentication
alias pull-down list of selections for the Authentication Alias property.
The other selections can be left alone.
- Select OK and then save your changes.
For information about the properties of a connection factory, see Connection Properties.
Note: The process
for configuring container-managed signon in a standalone WebSphere Application
Server is the same as the process for a WebSphere Application Server in a
unit test environment.