Java Authentication and Authorization Service

 

+

Search Tips   |   Advanced Search

 

The standard Java 2 security API helps enforce access control based on the location of the code source or the author or packager of the code that signed the jar file. The current principal of the running thread is not considered in the Java 2 security authorization.

Instances where authorization is based on the principal, as opposed to the code base, and the user exist. The JAAS is a standard Java API that supports the Java 2 security authorization to extend the code base on the principal as well as the code base and users.

The JAAS V1.0 extends the Java 2 security architecture of the Java 2 platform with additional support to authenticate and enforce access control with principals and users.

JAAS implements a Java version of the standard Pluggable Authentication Module framework, and extends the access control architecture of the Java 2 platform in a compatible fashion to support user-based authorization or principal-based authorization. WAS fully supports the JAAS architecture. JAAS extends the access control architecture to support role-based authorization for J2EE resources including...




Sub-topics


Java Authentication and Authorization Service authorization
Login configuration for JAAS
Programmatic login
Java Authentication and Authorization Service authorization

 

Related concepts

Programmatic login
Authorization technology

 

Related Reference

Login configuration for Java Authentication and Authorization Service