Free ebook on JAAS, the Java Authentication and Authorization Service. JAAS is the Java Authentication and Authorization Service bundled in Java SE. JAAS can be used to provide user management and permissioning. JAAS, the Java Authentication and Authorization Service, has been a standard part of the Java security framework since version 1.4 version and was available as an optional package in J2SE 1.3.
Book Description
Before that time, the previous security framework provided a way to allow or disallow access to resources based on what code was executing. For example, a class loaded from another location on the Internet would have been considered less trustworthy and disallowed access to the local file system. By changing the security settings, this restriction could be relaxed and a downloaded applet could modify local files. Viewed mainly as a tool for writing clients, early Java didn’t seem to need much more than this.
Table of Contents
- Introducing JAAS
- Two Quick Examples
- Authentication
- Database-Backed Authentication
- Permissions and Access Control
- A Custom Policy
- Authentication Base Classes
- JAAS for Data Access Control
- JAAS in Web Applications
- Extending JAAS Integration in Web Applications