Add security to applications by using JAAS
Takeaway: Java Authentication and Authorization Service (JAAS) provides the ability to implement the two things that any decent security system needs: authentication and authorization. See how JAAS may save you time and effort the next time you need to add security to your Java app.
Balancing openness and security is complicated when you're writing applications that users outside your company's normal network sandbox must be able to access or that access resources needing security protection.
Many Java programmers create their own security modules for their applications. Most of these modules are for a specific application; then, when the next app comes along that needs security, the programmer has to start all over again. Another drawback of building your own security system for your application is that, as the application becomes more complex, the security requirements probably will too.
Java Authentication and Authorization Service
You can avoid this problem (or at least significantly reduce the impact of implementing security for your application) by taking advantage of the Java Authentication and Authorization Service (JAAS) API, which is in the standard Java distribution.
JAAS provides the ability to implement the two things that any decent security system needs: authentication and authorization.
Developers can use JAAS for standalone applications, Web apps, EJBs, and pretty much any type of Java app that you can create. The flexibility and openness of the API can make it a bit difficult to understand at first. But if you're using an application server, it probably already has JAAS modules that you can use to manage your application's security.
The next time you need security in your application, consider whether JAAS can save you time and effort. If you're already using a J2EE or servlet container, check out its JAAS capabilities. Even though JAAS has a steep learning curve, it's also a very short one, and the benefits are definitely worth the effort it takes to get started.
Delivered each Thursday, our free Java newsletter provides insight and hands-on tips you need to unlock the full potential of this programming language. Automatically sign up today!
White Papers, Webcasts, and Downloads
- Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now
- Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- The Impact of Virtualization Software on Operating Environments VMware Today's use of virtualization technology allows IT professionals to ... Download Now
- Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Ever wonder why your company isn't saving more from its server virtualization? Making a few small changes could dramatically increase your efficiency. Download Now
- Five Steps to Determine When to Virtualize YourServers VMware Thinking of virtualizing the servers at your company? Use this step-by-step guide to determine when's the best time to make your big move. Download Now
Article Categories
- Security
- Security Solutions, IT Locksmith
- Networking and Communications
- E-mail Administration NetNote, Cisco Routers and Switches
- CIO and IT Management
- Project Management, CIO Issues, Strategies that Scale
- Desktops, Laptops & OS
- Windows 2000 Professional, Microsoft Word, Microsoft Excel, Microsoft Access, Windows XP,
- Data Management
- Oracle, SQL Server
- Servers
- Windows NT, Linux NetNote, Windows Server 2003
- Career Development
- Geek Trivia
- Software/Web Development
- Web Development Zone, Visual Basic, .NET
