9.4.1. JAAS Login Modules
In this section, we’ll look at a JAAS example that shows you:
• How to implement your own login module
• How to implement role-based authentication
Supplying your own login module is useful if you store login information in a database. Even if you are happy with the default module, studying a custom module will help you understand the JAAS configuration file options.
Role-based authentication is essential if you manage a large number of users. It would be impractical to put the names of all legitimate users into a policy file. Instead, the login module should map users to roles such as “admin” or “HR,” and the permissions should be based on these roles.
One job of the login module is to populate the principal set of ...