The Mobile Web Services Security runtime provides a default authenticator for client authentication: com.ibm.pvcws.wss.internal.auth.module.BasicAuthenticator
It accesses org.osgi.service.useradmin.UserAdmin
service internally to authenticate clients. You can use this authenticator when UserAdmin
manages your clients. However, custom authenticator is required when you want to use a different user registry.
The Mobile Web Services Security runtime does not provide a default authorizer for client authorization. This means that a custom authorizer is required whenever you want to authorize clients.
Parent topic: Securing Mobile Web Services: XPD622