All that JAAS

Scalable Java security with JAAS

1 2 3 Page 3
Page 3 of 3

Note that you can use server-side JAAS as the basis for a single sign-on framework, whereby a user is authenticated once and is subsequently granted appropriate access to multiple protected systems and services. Such a framework might use JAAS for authentication and JNDI (Java Naming and Directory Interface) for accessing secured services.

Develop more secure apps with JAAS

By providing a dynamic and extensible model for authenticating users and controlling permissions, JAAS gives you the tools to add more robust security to your applications. The flexibility of creating your own login mechanisms, while simultaneously leveraging prebuilt modules and a consistent framework, is a big plus.

JAAS works both on client-side and server-side applications. Though the state of affairs for JAAS on the server is certainly in flux right now, it will certainly stabilize going forward. As long as you're aware of what JAAS is and how it works, you'll be in a good position to leverage its capabilities however it evolves.

John Musser is a consultant and writer who, over the past 20 years, has built software ranging from global Wall Street trading systems to games for Electronic Arts. He is currently lead architect on a large-scale J2EE logistics system and teaches software development at Columbia University. Paul Feuer has developed large-scale intranet and extranet commercial Web applications for the past five years. He is currently a lead software engineer for a hybrid peer-to-peer document collaboration system and a graduate student in the Computer Science Department at New York University.

Learn more about this topic

1 2 3 Page 3
Page 3 of 3