Chapter 3 Configuring User Authentication : User Authentication Overview

User Authentication Overview
When configuring user authentication, you choose which authentication option you want to use and configure that option. You can also use a different login module if you don’t want to use the module shipped with the product.
Authentication Options
RMS provides two options for user authentication.
File Based Authentication This method authenticates a user against user data stored in a file based repository. This method is not recommended for production purposes.
LDAP Authentication This method authenticates users against a directory server using LDAP as a protocol. RMS can leverage this information to authenticate users. The role information is configured through an LDAP attribute (this is directory server specific) like the nsroledn attribute in Sun Java System Directory Server.
Pluggable JAAS Login Module
Java Authentication and Authorization Service (JAAS) is a pluggable part of the Java security framework. User authentication is performed using a JAAS login module.
You can substitute a different implementation of the JAAS login module than the one provided. To configure the product to use your implementation, specify the location of your JAAS login configuration file using the following property in the be-rms.tra file:
java.property.java.security.auth.login.config
As another option, you may want to add the provided login module to your existing JAAS login configuration file (thus providing multi-stage authentication). If so, specify the location of the file in the above property.