In the OpenAM world an authentication module is responsible for authenticating a user, but sometimes the method of authentication is not that simple, as we think. For example the OpenAM gives out-of-the-box support for LDAP, Cert, SPNEGO token, etc. based authentication, but what happens if you need to authenticate (for some reason) from a WebService, this is when you’re probably going to end up developing a custom authentication module.
OpenAM is using JAAS, so if you don’t know what JAAS is, probably you need to read this, this is going to help you understand the basic concepts of the Auth API.
To create an authentication module, you’re going to need the followings:
- Configuration-UI descriptor XML with localization
- Callback-descriptor XML for login page UI
- Some java code for authentication logic
- maybe some JSP
- and lot’s of lot’s of OpenAM container restarts
So based on these needs I’m going to write a few more posts in this area, probably in the following structure:
- Configuration basics
- Config UI elements
- Validation of configuration
- Login UI basics
- Dynamic Callback-handling
- How to write the Java code
- Gotcha’s, best practices
- How to install auth module
I hope you will find these articles useful, some of them are new stuff for me too, so it may going to need some time to write them, but they’re going to (Forge)ROCK!