- The authentication of JAAS is based on PAM
- PAM enables authentication in a pluggable fashion that supports the addition of more authentication modules to the application
- Java application functions independently regardless of the implemented authentication technologies
- New authentication technologies can be implemented without the need of modifying the application
- PAM enables different web application to authenticate users against its own data store
- PAM is the feature that helps programmers to implement single sign-on in web application that are deployed on the same application server
05.Secure Coding Practices for Authentication and Authorization
Cheng® 