Jpam 0.5 has been released. Source and binaries for Linux x86, Linux x86_64, Mac OS X and Solaris. This is a stable release. JPAM has been now been used in production for five months and extensively tested.

Jpam is a Java-PAM bridge. It supports JAAS along with its own simple API. PAM, or Pluggable Authentication Modules, is a standard security architecture used on Linux, Solaris, Mac OS X and other Unix systems. With Jpam, Java applications can utilise more than 70 native security PAM modules available on Unix-like platforms.

Java developers often shy away from native code. Other APIs are often used for security purposes, including JDBC and JNDI for directories such as Novell NDS or Active Directory. Hardware token based systems such as SecureId and DigiPass, however, generally provide PAM modules in native code. Utilising these is a difficult and expensive proposition. Jpam solves that problem, enabling utilisation of any PAM module you can install on your system.

When Sun added JAAS to J2EE and now J2SE they did not provide access to existing PAM modules, even though PAM itself was introduced by Sun.

What do you think the applications for PAM in your system deployments might be?