Binding the authentication module to a web application
To bind an authentication module to an application, you have two options in
• The first option (which is by far the simplest) is to configure the
httpservlet-security-provider attribute of the element
glassfish-web-app in the glassfish-web.xml file of the application.
The purpose of this configuration is to make you use the AuthConfigPro-
vider implementation provided by GlassFish to instantiate your security
module. The following code shows the contents of the glassfish-
web.xml file of our application. As you can see, we passed the ID of our pro-
vider to the httpservlet-security-provider attribute. Thus, whenev-
er it is necessary to analyze the security of a request, the GlassFish serv-
er through its AuthConfigProvider implementation will instantiate our se-
curity module in order to make it operational.