PicketBox is a Java Security Framework that build on top of JAAS, provides a schema formatted Security Configuration file(security-config_5_0.xsd) and various of LoginModule Implementation(UsersRolesLoginModule, LdapExtLoginModule, DatabaseServerLoginModule, etc) to security Java Application. The following are 5 key steps to execute a authentication:

//1. establish the JAAS Configuration with picketbox authentication xml file
SecurityFactory.prepare();

//2. load picketbox authentication xml file
PicketBoxConfiguration config = new PicketBoxConfiguration();
config.load(SampleMain.class.getClassLoader().getResourceAsStream("picketbox/authentication.conf"));

//3. get AuthenticationManager
AuthenticationManager authManager = SecurityFactory.getAuthenticationManager(securityDomain);

//4. execute authentication
authManager.isValid(userPrincipal, credString, subject);

//5. release resource
SecurityFactory.release();

Teiid Embedded expose 2 methods for security authentication:

• EmbeddedConfiguration.setSecurityHelper() - associated with a org.teiid.security.SecurityHelper in the engine jar, If no SecurityHelper is set, then no authentication will be performed.
• EmbeddedConfiguration.setSecurityDomain() - associated with a application-policy's name in Security Configuration file,If no SecurityDomain is set, then default "teiid-security" be used.

EmbeddedSecurityHelper is a sample implementation of SecurityHelper, authentication.conf is a sample Security Configuration file.