"Java Security Technology Exploration Path series: Java Extensible Security Architecture" XV: Jaas (ii): Jaas Classes and interfaces

Source: Internet
Author: User

Guo Jia
Email: [Email protected]
Blog: http://blog.csdn.net/allenwells
Github:https://github.com/allenwell

In J2SE, the core classes and interfaces of the jars framework are distributed in the following packages:

    • JAVAX.SECURITY.AUFH.: Contains the base classes and interfaces for authentication and authorization mechanisms.
    • Javax.security.auth.callback: *: Contains classes and interfaces for defining authentication credentials for an app.
    • Javax.security.auth.login.: Contains classes for logging in and exiting the application domain.
    • Javax.security.auth.spi. *: Contains the interface used by the jars provider to implement the Jars module.

These classes and interfaces can be further divided into 3 categories: generic, authentication, and authorization. Some of the important classes and interfaces in these 3 classes are described below.

A general class 1.1 Javax.security.auth.Subject

Subject (Principal class, Javax.security.auth.Subject): Represents a group of related entities, such as individuals, organizations, or services that have a set of security credentials. Once certified, you can populate subject with relevant identities or principals and make authorization decisions based on subject.

1.2 Java.security.Security

Principal (Java.security.Security): An interface that represents an entity that has passed certification, such as individuals, organizations, and services.

Second Authentication Class 2.1 Javax.security.auth.login.LoginContext

Logncontext (Login Context class, Javax.security.auth.login.LoginContext): Provides the basic method of authentication subjects. Once the caller instantiates Logingontext, login context invokes the login method to authenticate the subject. In addition, it is responsible for loading the configuration and instantiating the appropriate loginntodulesa.

2.2 Javax.security.auth.login.LoginModule

Loganmodule (Login module class, Javax.security.auth.login.LoginModule): This interface is primarily provided for JAAS providers, allowing the jars provider to implement the authentication mechanism as a login module and insert it into the user. The login module plug-in application environment is designed to provide specific types of authentication. During the authentication process, each loginmodule is initialized with a subject, a callbackhandler, shared loginmodule status, and Login module-specific options. The login module uses CallbackHandler to communicate with the user. J2SE 1.4 provides many login modules, which are located in the Com.sun.security.auth.module package.

2.3 javax.security.auth.login.Configuration

Configuration (config class, javax.security.auth.login.Configuration): Represents the Login module configuration for a specific login application.

2.4 Javax.security.auth.login.CallbackHandler

CallbackHandler (Callback handler class, Javax.security.auth.login.CallbackHandler): Defines an interface that allows interaction with the user to obtain authentication-related data, such as user name an code, Biometric samples and smart card-based credentials. The application implements Callbackhandle: and passes it to Loingcontext, loingcontext forwards it directly to the underlying Loginmoduleo.

Three Authorized Class 3.1 Java.security.Policy

Policies (Policy class, Java.security.Policy): Represents a system-level access control policy that is used to authorize based on an authenticated principal.

3.2 javax.security.auth.AuthPermission

Authpernussion (Authorization class, javax.security.auth.AuthPermission): Encapsulates the basic permissions required for Jaas authorization, and controls the object policy, Subject; Access to LoginContext and configuration.

3.3 Javax.security.auth.PrivateCreclentialsPermission

Privatecredenti address Pang Xia Jia rission (private credential permission class, javax.security.auth.PrivateCreclentialsPermission): Encapsulates the permissions for private credentials that are used to access subject.

"Java Security Technology Exploration Path series: Java Extensible Security Architecture" XV: Jaas (ii): Jaas Classes and interfaces

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.