By monzillo on Jan 22, 2008
- implementing a JSR 196 server authentication module (i.e., a SAM), and
- configuring the SAM as a message-security-provider via the Glassfish admin console, and
- binding the SAM for use by your application via sun-web.xml.
A SAM differs from a custom realm in that the SAM can control the HTTP authentication dialog, while a realm is typically used by a system controlling the dialog (such as a SAM) to validate or augment credentials extracted from the exchanged messages. JSR 196 is also used by (and available within) the client and server-side web service pipelines of the Glassfish METRO stack.[Read More]