3.13.14 /glassfish-web-app/servlet/webservice-endpoint/login-config/auth-method
/glassfish-web-app/servlet/webservice-endpoint/login-config/auth-method specifies the authentication method.
Description
/glassfish-web-app/servlet/webservice-endpoint/login-config/auth-method specifies the authentication mechanism for the web service endpoint. As a prerequisite to gain access to any web resources protected by an authorization constraint, you must be authenticated using the configured mechanism.
The Authentication Types are as follows:
- BASIC
-
Uses the server's built-in login dialog box. The communication protocol is HTTP (SSL optional). User-credentialed encryption is not available unless SSL is used. This is not considered to be a secure method of user authentication, unless used in conjunction with some external secure system, such as SSL.
- FORM
-
The application provides custom login and error pages. The communication protocol is HTTP (SSL optional). User-credentialed encryption is not available unless SSL is used.
- CLIENT-CERT
-
The server authenticates the client using a public key certificate. The communication protocol is HTTPS (HTTP over SSL). User-credentialed encryption is SSL.
- DIGEST
-
The server authenticates the user based on a user name and a password. Unlike the BASIC authentication, the password is never sent over the network. The use of SSL with HTTP Digest is optional.
Specifiable values
Type: String
{BASIC | DIGEST | FORM | CLIENT-CERT}
Repetition pattern
Only one time