The Java Authentication and authorization service "(Java Authentication and Authorization Service,jaas) is an extension to the Java 2 SDK.
JAAS can be divided into authentication and authorization.
1) Authentication: Authentication user identity. See which user is executing the code. In layman's terms, which user is performing the operation. This operation may be on a application or a bean or servlet.
2) Authorization: Authorized user operation. That is, verifying that the user has specific access to the specified resource. Like whether a user has read access to the specified file.
Two common interfaces
CallbackHandler: Use the user information to authenticate the user.
Loginmodule: Used to authenticate user information.
Just a combined application of two objects configured or passed
Callback is you call me, incoming you, I use the incoming you tune you
Authentication. The Sampleloginmodule is implemented for the specified loginmodule.
Because the second parameter passed in when constructing LoginContext is new Mycallbackhandler. So Mycallbackhandler is used to obtain user authentication information.
Therefore: when executing lc.login (), the login method of Sampleloginmodule is called. and Sampleloginmodule will obtain the user's authentication information through Mycallbackhandler. Returns True if authentication succeeds, otherwise false is returned.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.