JAAS

Set this to false to disable JAAS security checks. Disabling JAAS speeds up login. JAAS must be disabled if administrators are to be able to impersonate other users.

portal.jaas.enable=false

JAAS can authenticate users based on their email address, screen name, user id, or login as determined by the property company.security.auth.type.

Examples:

portal.jaas.auth.type=emailAddress
portal.jaas.auth.type=screenName
portal.jaas.auth.type=userId
portal.jaas.auth.type=login

By default, com.liferay.portal.security.jaas.PortalLoginModule loads the correct JAAS login module based on what application server or servlet container the portal is deployed on. Set a JAAS implementation class to override this behavior.

Example:

portal.jaas.impl=

The JAAS process may pass in an encrypted password and the authentication will only succeed if there is an exact match. Set this property to false to relax that behavior so the user can input an unencrypted password.

portal.jaas.strict.password=false

Set this to true to enable administrators to impersonate other users.

portal.impersonation.enable=true