Monday, June 28, 2004

JAAS implements a Java version of the Pluggable Authentication Modules (PAM) framework. Sun Microsystems created PAM for its Solaris operating system; with JAAS, PAM is now available in a platform-independent form.

The main purpose of PAM is to allow application developers to write to a standard authentication interface at development time, leaving the decision of which authentication technologies will be used (and how they will be used) up to the system administrator. PAM allows new authentication techniques or technologies to be more easily added to existing applications. Likewise, an authentication policy can be changed by updating the login.config file, rather than rewriting the entire application.

JDK 1.4 comes with the following PAM modules. We'll use one of them and also practice writing two of our own later in the tutorial:

com.sun.security.auth.module.NTLoginModule
com.sun.security.auth.module.NTSystem
com.sun.security.auth.module.JndiLoginModule
com.sun.security.auth.module.KeyStoreLoginModule
com.sun.security.auth.module.Krb5LoginModule
com.sun.security.auth.module.SolarisSystem
com.sun.security.auth.module.UnixLoginModule
com.sun.security.auth.module.UnixSystem

Disqus for techtalk