|
Java Authentication and Authorization Service, or JAAS, pronounced "Jazz", is the Java implementation of the standard Pluggable Authentication Module (PAM) information security framework.〔 〕 JAAS was introduced as an extension library to the Java Platform, Standard Edition 1.3 and was integrated in version 1.4.〔 The main goal of JAAS is to separate the concerns of user authentication so that they may be managed independently. While the former authentication mechanism contained information about where the code originated from and who signed that code, JAAS adds a marker about who runs the code. By extending the verification vectors JAAS extends the security architecture for Java applications that require authentication and authorization modules. == Administration == For the system administrator, JAAS consists of two kinds of configuration file: * *.login.conf: specifies how to plug vendor-supplied login modules into particular applications * *.policy: specifies which identities (users or programs) are granted which permissions For example, an application may have this login.conf file indicating how different authentication mechanisms are to be run to authenticate the user: PetShopApplication 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Java Authentication and Authorization Service」の詳細全文を読む スポンサード リンク
|