Java Authentication and Authorization Service (JAAS)

Java Authentication and Authorization Service (JAAS) is an API that provides flexible and scalable standard security features for your applications. JAAS helps enforce access control over the resources to be secured. With the release of JAAS, Java has evolved into a general-purpose language for developing applications that need login and access control.


JAAS helps with two important aspects of security: authentication and authorization. Reliability and security can be assured by authenticating the user who is trying to access the access-controlled object or trying to execute the Java code. The code may be running as an application, an applet, a bean or a servlet.
Authorization is checking whether the user has the permission or privilege to perform the action.

Features of JAAS:

  • Authentication is based on who is executing the code, irrespective of whether the code is an application, an applet, a bean or a servlet.
  • Authorization checks that users have been granted permission for the action they are performing.
  • JAAS is a pure Java technology.
  • Flexible access policy for users.
  • Role-based authorization.

JAAS Architecture:

JAAS has simplified Java security development by introducing an abstraction layer between the application and the authentication and authorization mechanism being used. This abstraction lets us use the security mechanism of our choice without changing the application code.

The application interacts directly with the LoginContext. The LoginContext works as the interface between the application and the set of one or more configured LoginModules. These LoginModules are actually responsible for handling the authentication using a security infrastructure.

JAAS also provides reference LoginModule implementations, and we can develop our own modules. A simple configuration file is enough to set up the application with a choice of implementations. See the figure below.

[Figure: JAAS Architecture]


Reviewed by Prashant Srivastava on December 24, 2018
