Monday, September 20, 2010

Understanding JAAS

In order to understand JAAS, the following concepts are required:

  1. LoginContext
  2. LoginModule
  3. CallbackHandler
  4. Subject
  5. Principal
  6. Credentials

All of the above concepts are implemented in the web application example explained here.

This is a simple application with a login form that asks for a username and password. When the user submits the form, a servlet handles that request. Once the servlet has the user's data it calls a LoginContext, asking for a specific list of LoginModules (a named entry in the login configuration) to be run. Each LoginModule is executed and validates the user account. At the end, the whole process succeeds only if all of the LoginModules succeeded; otherwise the application reports that the account is not valid.


The important thing to understand here is that each LoginModule implementation can be swapped out, while the overall structure remains the same.
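The flow described above (servlet, LoginContext, CallbackHandler, LoginModule, Subject and Principal), as an added, self-contained Java example that is not part of the original post or the downloadable project. The `WebLogin` entry name, the `DemoLoginModule` class and the `alice`/`s3cret` account are constructed for illustration, the login configuration is supplied in memory rather than from a jaas.config file, and the `record` needs Java 16 or later.

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class JaasDemo {
    // Principal placed in the Subject once authentication has been committed
    record UserPrincipal(String name) implements Principal { public String getName() { return name; } }

    // Constructed LoginModule: checks one hard-coded account. A real module would consult a
    // directory or database and compare a salted password hash, never a plaintext string.
    public static class DemoLoginModule implements LoginModule {
        private Subject subject; private CallbackHandler handler; private Principal principal;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
            subject = s; handler = h;
        }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user: ");
            PasswordCallback pass = new PasswordCallback("password: ", false);
            try { handler.handle(new Callback[] { name, pass }); }  // the module never sees the servlet; it asks the handler
            catch (Exception e) { throw new LoginException("callback failed: " + e); }
            char[] pw = pass.getPassword(); pass.clearPassword();
            boolean ok = "alice".equals(name.getName()) && Arrays.equals(pw, "s3cret".toCharArray());
            if (pw != null) Arrays.fill(pw, '\0');                    // do not keep the secret in memory
            if (!ok) throw new FailedLoginException("bad username or password");
            principal = new UserPrincipal(name.getName());
            return true;
        }
        // Two-phase protocol: commit() runs only when every REQUIRED module's login() succeeded.
        public boolean commit() { subject.getPrincipals().add(principal); return true; }
        public boolean abort()  { principal = null; return true; }
        public boolean logout() { subject.getPrincipals().remove(principal); return true; }
    }

    // In-memory stand-in for the jaas.config entry:  WebLogin { JaasDemo$DemoLoginModule required; };
    static Configuration config() {
        return new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String entry) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoLoginModule.class.getName(),
                        AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Collections.emptyMap()) };
            } };
    }

    // What the servlet does with the submitted form: wrap the request values in a CallbackHandler,
    // then run LoginContext.login() against "WebLogin"; the returned Subject carries the Principal.
    public static Subject authenticate(String user, char[] password) throws LoginException {
        CallbackHandler handler = cbs -> { for (Callback cb : cbs) {
            if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
            else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password);
            else throw new UnsupportedCallbackException(cb); } };
        LoginContext lc = new LoginContext("WebLogin", new Subject(), handler, config());
        lc.login();                                   // throws LoginException if any REQUIRED module fails
        return lc.getSubject();
    }
}
```

Calling `authenticate("alice", "s3cret".toCharArray())` returns a Subject holding one `UserPrincipal`, while a wrong password makes `login()` throw `FailedLoginException` and the module's `abort()` is invoked instead of `commit()`.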


Please see the example below for a general understanding of JAAS.



The whole project can be downloaded from:

svn checkout https://jsf-tutorial-desperatedevs.googlecode.com/svn/branches/command-line-demo