ALERT

[FREE DEMO] Deploy Your Enterprise Cloud in Minutes

Java Authentication And Authorization Service (JAAS)

Definition - What does Java Authentication And Authorization Service (JAAS) mean?

Java Authentication and Authorization Service (JAAS, pronounced "jazz") is a set of APIs that is used for authenticating the identity of a user or client/computer and ensures that this entity, which is attempting to run Java code, has the proper privileges for the request. JAAS is an extension to the Java platform and was integrated in Java Standard Edition 1.4.

Techopedia explains Java Authentication And Authorization Service (JAAS)

The Java Authentication and Authorization Service is Java's implementation of the Pluggable Authentication Module (PAM) information security framework standard, which was first proposed by Sun Microsystems in October 1995 in the Open Software Foundation Request for Comments (RFC) 86.0. There was no real ratification of any PAM standard but an attempt was made to standardize it as part of the X/Open UNIX standardization process that later became the X/Open Single Sign-on (XSSO) standard, which was still not ratified. However, this was used as the basis for the JAAS implementation of PAM.

The JAAS process extends the usual security policy into adding privilege specification granted to the user requesting to execute Java code. Like most security processes, JAAS uses authentication and authorization. First it authenticates the requesting entity and determines if it really is who it says it is and finds out what privileges it has been given. Then it checks the type of request against the specification of privileges to determine if it has the authority for such a request. And then it finally gives or denies authorization based on the authentication process.

As an API, JAAS is independent of other Java APIs and can run concurrently with them, even with other security APIs. Because of this, new Java code, technologies and applications may be plugged in with little to no modification required.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources
The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.