The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code and ensure that the entity has the right to execute the functions requested. In this context, authentication is the process of determining whether or not an entity is who or what it declares itself to be; authorization is the process of giving an entity permission to do, use, or obtain something. Logically, authentication precedes authorization.
The JAAS authorization process extends the security policy to specify or identify the privileges that have been granted to an entity attempting to execute a given code. JAAS is independent of other APIs or technologies that may run concurrently. New or upgraded applications and technologies can be plugged in without modification.