Tuesday, February 20, 2018
Java Development India
Call Us

India: +91 98422 26200
Technologies: JEE|EJB|Swing|XML|Eclipse|JBoss|Weblogic|Oracle|Ajax|Web 2.0|W3C| View More

Java Authentication and Authorisation Service (JAAS)

The Java Authentication and Authorization Service (JAAS) inorder to provide two services, namely authentication and authorization. With the rapid expansion of the ecommerce frontiers, big corporates and the big enterprises, who became the key players in the arena demanded enterprise-scalable functionality for their corporate Internet and intranet environments. But such functionalities had to come with fool-proof security. Here security means techniques for ensuring that data stored in a computer or passed between computers is not compromised.

Most security measures involve proof material and data encryption. It is to address this exact security issue that Sun introduced the Java Authentication and Authorization Service (JAAS). JAAS infrastructure can be divided into two main components: an authentication component and an authorization component. The Java Authentication and Authorization Service (JAAS) is a standard extension to the Java 2 SDK. Java 2 provides codesource-based access controls. It lacks, however, the ability to additionally enforce access controls based on who runs the code. JAAS provides a framework that augments the Java 2 security model with such support. The authentication service is pluggable, which means that an application can remain independent of the authentication techniques used, that authentication modules can be upgraded easily, and that an application can use multiple forms of authentication concurrently.

JAAS - The Advantages

JAAS is based on the Pluggable Authentication Modules (PAM) model. Pluggable authentication confers several benefits. It allows applications to provide for single sign-on across multiple security domains and it allows for easy upgrading of a given login module. In addition, it allows for other modules to be added as necessary without changing client code. In JAAS the login modules that an application uses are configured externally to that application. That configuration is made available to the application, which simply calls a single login method to perform the login.

Each module then gathers the necessary data to perform the login. Within an application, making use of JAAS for authentication and the application creates a new LoginContext and calls its login method. Each LoginModule is then executed as necessary, depending on the options in the configuration file. The authentication process under JAAS is reasonably failsafe and secure. Using JAAS to leverage the SecurityManager for authorization is entirely commensurate with the java security model. JAAS works both on client-side and server-side applications.

What Java Development India Offer?

Java Development India offers JAAS development, JAAS consulting and JAAS related solutions from our offshore software development outsourcing centre at Kochi, Kerala in India.

Case Studies
Managing multilevel tasks
& Attendance Contact us
Challenge was to manage supply
chain of our client Contact us
UK Youtube for dreaming
footballers Contact us
Efficiently managing the
HR functions Contact us
Real Estate Management solution
Contact us
Providing solution to manage cargo
distribution Contact us
Managing activities of the
advertising industry Contact us
Real time global collaboration of
service providers Contact us
Solution for efficiently managing
stock & accounts Contact us
Copyright 2007, Java Development India All rights reserved.