Authentication Classes and Interfaces
To authenticate a subject (user or service), the following steps are performed:
- An application instantiates a LoginContext.
- The LoginContext consults a Configuration to load all of the LoginModules configured for that application.
- The application invokes the LoginContext's login method.
- The login method invokes all of the loaded LoginModules. Each LoginModule attempts to authenticate the subject. Upon success, LoginModules associate relevant Principals and credentials with a Subject object that represents the subject being authenticated.
- The LoginContext returns the authentication status to the application.
- If authentication succeeded, the application retrieves the Subject from the LoginContext.
The authentication classes are described in the following sections.