We have been configuring our JAAS LoginModule seperately on every Application Server (WebSphere - security.xml, WebLogic - java.security file). Is there a way by which we can avoid this App server specific JAAS configuration and put the JAAS LoginModule as a part of EAR descriptior???
OR any other easy way as a part of application and not the server?
JAAS is not part of J2EE specification, so there isn't a standard way to do that.
I am in the process of doing something similar to what you have done - to implement JAAS for my J2EE application that needs to be implemented on various app servers but I am not able to figure out how to do it.
Right now, I have a form-based authentication that uses Weblogic Default Authenticator where I define Users and Groups in the default realm...How can I manege these programatically ?