This topic has not yet been written. The content below is from the topic description.
This element uses the code attribute to specify what mapping module implementation an application can use, and the flag attribute to tell the application how to parse each mapping module present in the policy stack. The flag attribute supports the following values: required The module must succeed for mapping to be successful. If any required fails, the authentication will fail. The remaining modules in the stack are called regardless of the outcome of the authentication. requisite The module is required to succeed. If it succeeds, mapping continues down the stack. If the module fails, control immediately returns to the application. sufficient The module is not required to succeed. If it does succeed, control immediately returns to the application. If the module fails, mapping continues down the stack. optional The module is not required to succeed. Authentication still continues to proceed down the stack regardless of whether the module succeeds or fails.