WSO2 SOA Enablement Server for Java™ contains several classes representing LoginModules, Credentials, and CallbackHandlers. These classes enable customized authentication and authorization using the JAAS LoginModule. For example, an application may choose not to use WSO2 SOA Enablement Server UserStore for HttpBasic authentication, and may instead use its own implementation of LoginModule.

The text below describes new entries defined in the file WASP_HOME/conf/jaas.config and the corresponding LoginModule. An application may use the callbacks passed to LoginModule, but it must produce the defined principal and credential.