How to Use and Test Authentication Module and Authentication Chain in OpenAM

Authentication Module and Authentication  Chain in OpenAM are one of its most striking features.

In this article is exposed, how to provide a step-by-step testing approach to validate a realm using an an authentication chain and module.

1. Authentication Module

openAM provides out of the box 24 authentication module types
The scope of authentication module can be a given realm

2. Authentication Module Test

When creating an authentication module, it is good practice to test that the realm can be authenticated using the module considered

The way to test it is:

  • <hostname>:port/openam?realm=<realm_name>&module=<module-name>
3. Authentication Chain

An Authentication Chain is made up of authentication modules.
For each authentication module part of the authentication chain, shall be indicated the status  (sufficient, requisite, required)

  • Sufficient
  • Requisite
  • Required
4. Authentication chain test

The way to test it is:

  • <hostname>:port/openam?realm=<realm_name>&service=<authentication-chain>
5. Realm test when using authentication chain

You should first configure the default authentication chain for the considered realm.

Once done, the way to test it is:

The way to test it is:

  • <hostname>:port/openam?realm=<realm_name>




Olivier Rivat

Olivier Rivat

Senior Software Engineer with over 25 years of experience doing Software Development, Support and Consulting in Identity and Access Management Solutions.
Specialised in IAM (security, access control, identity management) and Open Source integration, settled in 2004 by IAM industry veteran, JANUA offers high value-added products and services to businesses and governements with a concern for Identity Management and Open Source components.
JANUA provides better security, build relationships, and enable new cloud, mobile, and IoT offerings from any device or connected thing.
Olivier Rivat