CoreMedia CMS supports built-in users and users from external sources like LDAP servers. The content server authenticates built-in users, whereas authentication of LDAP users is delegated to the LDAP server. Authentication is now based on JAAS. Different JAAS login modules authenticate users from different sources. Login modules are Java classes that have to implement the interface javax.security.auth.spi.LoginModule (see http://java.sun.com/products/jaas/). CoreMedia CMS provides default login modules for built-in user and LDAP user authentication:

You can implement your own login module classes to authenticate users from other origins. Login modules are configured in a JAAS configuration file, which is typically named jaas.conf. The location of the jaas.conf file is configured by the key cap.server.login.authentication. The value may be a URL (especially a classpath URL) or a file path (absolute or relative to cap.server.base-dir)