eXo Platform 3.5 uses a new authentication mechanism so-called the WCI authentication mechanism. This change from GateIn into the WCI module is because:

If there are other new portal containers in your eXo Platform extension, you need to update the authentication mechanism in the $PLATFORM-TOMCAT-HOME/conf/jaas.conf file. For example, in case you have added a new portal container named "company" to eXo Platform, you need to configure the new authentication module for the new portal container as follows:

<!--this configuration for defaul portal container with name "portal"-->
gatein-domain {
  org.gatein.wci.security.WCILoginModule optional;
  org.exoplatform.services.security.jaas.SharedStateLoginModule required;
  org.exoplatform.services.security.j2ee.TomcatLoginModule required;
};

<!--this configuration for new portal container with name "company"-->
gatein-domain-company {
  org.gatein.wci.security.WCILoginModule optional
    portalContainerName="company"
  	realmName="gatein-domain-company";
  org.exoplatform.services.security.jaas.SharedStateLoginModule required
    portalContainerName="company"
  	realmName="gatein-domain-company";
  org.exoplatform.services.security.j2ee.TomcatLoginModule required
    portalContainerName="company"
  	realmName="gatein-domain-company";
};

For more details, see the Change the JAAS realm section.