This is one of the most important classes in the JAAS API for application programmers: it defines the login( ) method (and the corresponding logout( ) method) that allows an application to authenticate a user. Create a LoginContext object using one of the public constructors. The constructor expects to be passed the name of the application, and, optionally, the that is to be authenticated and a that is to be used for communication between the underlying login module (or modules) and the user. If no Subject is specified, then the LoginContext will instantiate a new one to represent the authenticated user. If a Subject is supplied, then the LoginContext adds new entries to its sets of principals and credentials. If no CallbackHandler is specified, then the LoginContext attempts to instantiate one using the class name specified by the auth.login.defaultCallbackHandler property in the system’s security properties file.

Once a LoginContext is successfully created, you can authenticate a user simply by calling the login( ) method, and then calling getSubject( ) to obtain the Subject object that represents the authenticated user. When this Subject is no longer required, you can log them out by calling the logout( ) method.

public class LoginContext {
// Public Constructors
     public LoginContext(String name) throws LoginException;  
     public LoginContext(String name, ...

Get Java in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.