Scalable Java security with JAAS

Wednesday, 18 September 2002, 3:31 PM EST

JAAS, the Java Authentication and Authorization Service API, provides flexible and scalable mechanisms for securing your client- and server-side Java applications. Where earlier Java security frameworks focused on protecting the user from mobile code, based on the code's origins and who created it, JAAS protects the system from users, based on who runs the code and their permissions. This pluggable, stackable API lets you incorporate standard security mechanisms like Solaris NIS (Network Information Services), Windows NT, LDAP (lightweight access directory protocol), Kerberos, and others into your application in a consistent, configurable way. This article first introduces you to the core elements of JAAS authentication. It then shows you how to develop your own custom login modules, using both command-line- and JSP (JavaServer Page)-based examples that authenticate against user records stored in a JDBC (Java Database Connectivity)-compatible RDBMS (relational database management system).

[ Read more ]




Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //