Overview
The Java™ Authentication and Authorization Service (JAAS) was introduced as an optional package to the Java 2 SDK, Standard Edition (J2SDK), v 1.2, and is now integrated into the J2SDK.
JAAS provides Subject-based authorization on authenticated identities.
This document focuses on the authentication aspect of JAAS, specifically
the LoginModule interface.
Who Should Read This Document
This document is intended for experienced programmers who require the ability to write a LoginModule implementing an authentication technology.
Related Documentation
This
document assumes you have already read the following:
It also discusses various classes and interfaces in the
JAAS API. Please reference the javadocs for the JAAS API specification
for more detailed information:
- javax.security.auth Package
- javax.security.auth.callback Package
- javax.security.auth.kerberos Package
- javax.security.auth.login Package
- javax.security.auth.spi Package
- javax.security.auth.x500 Package
- com.ibm.security.auth Package
- com.ibm.security.auth.callback Package
- com.ibm.security.auth.login Package
- com.ibm.security.auth.module Package
The following tutorials for JAAS authentication and authorization
can be run by everyone:
Similar tutorials for JAAS authentication and authorization,
but which demonstrate the use of a Kerberos LoginModule and thus which
require a Kerberos installation, can be found at
These two tutorials are a part of the Java GSS-API and JAAS sequence of tutorials that utilize Kerberos as the underlying technology for authentication and secure communication.