Why is SWAM usage discouraged?
The Simple WebSphere Authentication Mechanism (SWAM) is intended for simple, non-distributed, single application server runtime environments. The single application server restriction exists because SWAM does not support forwardable credentials: if a servlet or enterprise bean in one application server process invokes a remote method on an enterprise bean living in another application server process, the caller identity is not transmitted to the second server process. What is transmitted instead is an unauthenticated credential, which, depending on the security permissions configured on the EJB methods, might cause authorization failures. SWAM can be used as an authentication mechanism in the base edition of WebSphere Application Server. It is not a supported option for WebSphere Application Server Network Deployment V5.0. Its use is discouraged even in the base edition because it relies on the HTTP Session object for maintaining the user state, which is pr