Prebuilt JAAS Modules

TIBCO Enterprise Message Service provides a number of JAAS modules that can be used with the EMS server. These default modules are very flexible, and offer a variety of configuration options to suit most needs.

An EMS server file, tibemsd-jaas.conf, that is preconfigured to use the prebuilt JAAS modules, is located with the other sample configuration files in the EMS_HOME/samples/config directory.

The module classes are found in EMS_HOME/bin/tibemsd_jaas.jar, and example module configuration files can be found in EMS_HOME/samples/config/jaas directory.

The default modules are:

  • LDAP Simple Authentication — a simple user authentication scheme using LDAP. This module requires the fewest parameters and is easiest to configure.
  • LDAP Authentication — a full featured user authentication scheme using LDAP. This module provides greater functionality and better performance than the LDAP Simple Authentication module.
  • LDAP Group User Authentication — a full featured user authentication scheme using LDAP. An extension of LDAP Authentication, this module also retrieves LDAP group membership information and passes it back into the EMS server, where it may be used for authorization. This modules provides the most functionality but generates more requests to the LDAP server.
  • Host Based Authentication — authentication based on the hostname or IP of a user connection. The module is most often used in conjunction with other modules, or in situations where only specific network nodes may authenticate to the EMS server.