Using the Pluggable Authentication Module

HCL Workload Automation enhances the WebSphere Application Server by supporting a user authentication mechanism based on the Pluggable Authentication Module.

This enhancement provides a single authentication mechanism that is capable of authenticating users no matter what their user registry implementations are based on, local OS or LDAP.

HCL Workload Automation automatically installs the plug-in that enables WebSphere Application Server to use enabled Pluggable Authentication Module authentication. The plug-in uses the service with name other. Ordinarily, you need do nothing to configure the Pluggable Authentication Module. However, if the level of your authorizations inhibits you from using other, you should add the service with name checkpassword in the /etc/pam.conf file.

The use of the Pluggable Authentication Module also extends the capabilities of WebSphere Application Server to include support for authentication in HP Trusted Mode environments.

HCL Workload Automation is set by default to use a Pluggable Authentication Module user registry called "custom" or "customPAM". If the Pluggable Authentication Module is not configured with this registry, WebSphere Application Server looks in the local user registry on the master domain manager.