Working around WebSphere’s implementation of JASPIC

There are a few nuances when using WebSphere Application Server Classic and developing your own custom JASPIC implementation. This post details a few that I encountered.

You need to explicitly enable it

WebSphere does not enable application based security nor JASPIC by default so Global Security needs to be configured with the following enabled

  • Enable application security
  • Enable Java Authentication SPI (JASPI)