com.sun.enterprise.security.jaspic (Payara Project 6.2022.2 API)

This package contains much of the integration code for JASPIC.

JASPIC is the EE standard for taking care of the authentication aspects of security. It allows for users to supply pluggable custom authentication mechanisms called SAMs ServerAuthModule.

Unlike Servlet or EE Security there are no default authentication mechanisms in JASPIC.

Code in this package builds upon the general (server independent) JASPIC Provider Framework Reference Implementation (org.glassfish.main.security:jaspic.provider.framework). It adds to this framework by implementing the Payara specific bits.

For Web/Servlet requests the authentication code is called from Catalina (Tomcat) via com.sun.web.security.RealmAdapter and then com.sun.web.security.realmadapter.JaspicRealm.

The pluggable authentication mechanisms are managed by the AuthConfigFactory. The Payara specific implementation of this is GFAuthConfigFactory, which is installed by com.sun.enterprise.security.ee.JavaEESecurityLifecycle.

Interface Summary
Interface Description

WebServicesDelegate
A Delegate interface for handling WebServices specific security and JASPIC (JSR 196) providers.

Interface Summary
Interface	Description
WebServicesDelegate	A Delegate interface for handling WebServices specific security and JASPIC (JSR 196) providers.

Class Summary
Class	Description
AuthMessagePolicy	Utility class for JASPIC appserver implementation.
MessageSecurityConfigEventListenerImpl	Listener class to handle admin message-security-config element events.

Package com.sun.enterprise.security.jaspic