Java Authentication and Authorization Service (JAAS) model
The Java Authentication and Authorization Service model serves the browsers that first popularized Java well, as it effectively deals with the issues of mobile code. The Java 2 permission model takes the following information into account:
- The physical origin (the directory or URL) of the classes that are currently active.
- The logical origin of those classes.
- The identity of the organization that produced the classes, as proved by digital signature.
JAAS augments the current Java 2 runtime with knowledge of the user who runs the application. This knowledge provides the authentication information needed when implementing the security model. JAAS augments the Java 2 security model to enable the following features:
- Specification of permissions based on a user identity.
- Enforcement of those permissions at application runtime.
The two features provide the authorization functionality needed when implementing the security model.
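The difference between the two models is easiest to see in a Java policy file. The following is an added example, not taken from the product documentation: a code-only grant next to a JAAS principal-based grant. The paths, the signer alias `acme` and the user name `cn=Alice` are constructed placeholders, and the policy is enforced only when a security manager is active.

```text
// Constructed example: paths, signer alias and user name are placeholders.

// Java 2 model: the grant is keyed on the code only.
// codeBase = where the classes were loaded from, signedBy = who signed them.
// Every user who runs this code receives the same permission.
grant codeBase "file:/opt/app/lib/-", signedBy "acme" {
    permission java.io.FilePermission "/opt/app/data/-", "read";
};

// JAAS addition: the same code receives write access only while it executes
// on behalf of an authenticated Subject that carries this principal.
grant codeBase "file:/opt/app/lib/-", signedBy "acme",
      principal javax.security.auth.x500.X500Principal "cn=Alice" {
    permission java.io.FilePermission "/opt/app/data/reports/-", "read,write";
};
```

The principal-based grant applies when the application runs the protected action inside `Subject.doAs` or `Subject.doAsPrivileged` after a successful `LoginContext.login()`.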
- Authenticating users and obtaining credentials: The Security Verify Access Java-based authentication feature is built around the Java Authentication and Authorization Services (JAAS) model.
- Authorizing access requests: This section explains how access requests are handled by ISAM authorization Java classes.