3.9.88 /glassfish-ejb-jar/enterprise-beans/ejb/webservice-endpoint/login-config/auth-method
/glassfish-ejb-jar/enterprise-beans/ejb/webservice-endpoint/login-config/auth-method specifies the authentication method.
Description
/glassfish-ejb-jar/enterprise-beans/ejb/webservice-endpoint/login-config/auth-method specifies the authentication method.
As a parent element, login-config specifies the authentication mechanism for the web service endpoint. As a prerequisite to get access to a web resource protected by an authorization constraint, a user must be authenticated using the configured mechanism.
The authentication types are as follows:
- BASIC
-
Uses the built-in Login dialog box of the server. The communication protocol is HTTP (SSL optional). User-credentialed encryption is available only when SSL is used. The Basic type is not considered to be a secure method of user authentication unless it is used in conjunction with some external secure system such as SSL.
- FORM
-
The application provides its own custom login and error pages. The communication protocol is HTTP (SSL optional). User-credentialed encryption is available only when SSL is used.
- CLIENT-CERT
-
The server authenticates the client using a public key certificate. The communication protocol is HTTPS (HTTP over SSL). User-credentialed encryption is SSL.
- DIGEST
-
The server authenticates a user based on the user name and the password. Unlike BASIC authentication, the password is never sent over the network. The use of SSL with HTTP Digest is optional.
Specifiable values
Type: String
{BASIC | DIGEST | FORM | CLIENT-CERT}
Repetition pattern
Only one time