Definition

Java Authentication and Authorization Service (JAAS)

TechTarget Contributor

The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code and ensure that the entity has the right to execute the functions requested. In this context, authentication is the process of determining whether or not an entity is who or what it declares itself to be; authorization is the process of giving an entity permission to do, use, or obtain something. Logically, authentication precedes authorization.

The JAAS authorization process extends the security policy to specify or identify the privileges that have been granted to an entity attempting to execute a given code. JAAS is independent of other APIs or technologies that may run concurrently. New or upgraded applications and technologies can be plugged in without modification.

This was last updated in September 2006

Continue Reading About Java Authentication and Authorization Service (JAAS)

Sun Developer Network outlines the features of JAAS.

SearchApplicationSecurity.com features: 'OWASP Guide to Building Secure Web Applications and Web Services, Chapter 10: Authorization.'

Java Authentication and Authorization Service (JAAS)

Continue Reading About Java Authentication and Authorization Service (JAAS)

Dig Deeper on Development tools for continuous software delivery

How to run Java in the browser with WebAssembly

Java array size, length and loop examples

JAR file (Java Archive)

Java naming conventions, explained

Continue Reading About Java Authentication and Authorization Service (JAAS)

Related Terms

Dig Deeper on Development tools for continuous software delivery

How to run Java in the browser with WebAssembly

Java array size, length and loop examples

JAR file (Java Archive)

Java naming conventions, explained