Developing a Login Module
We have used a specific login module, KeyStoreLoginModule, earlier in Example #4 to illustrate how a Java program can prompt a user for authentication information and use an external user account management system to get username and password. We also discussed how JAAS allows any user account management system to be used for authentication through configured login modules.
KeyStoreLoginModule is great for illustration due to its platform independence and the fact that the tools to manage the underlying datastore are available within J2SE. However, it suffers from a big limitation: it has no concept of roles or groups. As a result, it is not possible to create different roles, assign multiple users to these roles and ...
Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
