JAAS Common Classes

  • Subject (javax.security.auth.Subject)
  • Principal (java.security.Principal)
  • Credential

JAAS Authentication Classes

  • Callback (javax.security.auth.callback.Callback)
  • CallbackHandler (javax.security.auth.callback.CallbackHandler)
  • Configuration (javax.security.auth.login.Configuration)
  • LoginContext (javax.security.auth.login.LoginContext)
  • LoginModule (javax.security.auth.spi.LoginModule)

JAAS Authorization Classes

  • Policy (java.security.Policy)
  • AuthPermission (javax.security.auth.AuthPermission)
  • PrivateCredentialPermission (javax.security.auth.PrivateCredentialPermission)

JAAS Subject and Principal

  • The Subject class is considered the central class of JAAS
  • The subject represents information for a single user, entity or system
  • The Subject includes the entity's principals, public credentials (public keys) and private credentials (passwords, private keys)
  • A Principal encapsulates features or properties of a subject
  • The JAAS API interface used to represent Principal is java.security.Principal
  • A Subject is associated with identities or principals throughout the authentication process
  • A Subject can contain multiple principals

For example, a user may have a name principal (George), a social security number principal (123-12-1234) and a username principal (GeorgeD), all of which differentiate the subject from other subjects.
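The George example above as code, added here as an illustration and not taken from the original page. The three principal record types, the class name SubjectDemo and the credential values are hypothetical; the Subject methods are the standard javax.security.auth.Subject API, and records require Java 16 or later.

```java
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;

public class SubjectDemo {
    // Hypothetical principal types (not from the page): JAAS defines only the
    // Principal interface. Records give value-based equals/hashCode, which the
    // Subject's principal Set relies on to reject duplicates.
    record NamePrincipal(String value) implements Principal {
        public String getName() { return value; }
    }
    record SsnPrincipal(String value) implements Principal {
        public String getName() { return value; }
    }
    record UsernamePrincipal(String value) implements Principal {
        public String getName() { return value; }
    }

    static Subject buildSubject() {
        Subject subject = new Subject();
        // The three identities from the example in the text.
        subject.getPrincipals().add(new NamePrincipal("George"));
        subject.getPrincipals().add(new SsnPrincipal("123-12-1234"));
        subject.getPrincipals().add(new UsernamePrincipal("GeorgeD"));
        // Credentials are plain Objects; these values are constructed placeholders.
        subject.getPublicCredentials().add("constructed-public-key");
        subject.getPrivateCredentials().add("constructed-password".toCharArray());
        // Freeze the principal and credential sets once population is complete.
        subject.setReadOnly();
        return subject;
    }

    public static void main(String[] args) {
        Subject subject = buildSubject();
        for (Principal p : subject.getPrincipals()) {
            System.out.println(p.getClass().getSimpleName() + " = " + p.getName());
        }
        // Select only the principals of one type.
        Set<UsernamePrincipal> users = subject.getPrincipals(UsernamePrincipal.class);
        System.out.println("username principals: " + users.size());
        try {
            // A read-only Subject refuses further identity changes.
            subject.getPrincipals().add(new NamePrincipal("Mallory"));
        } catch (IllegalStateException e) {
            System.out.println("read-only Subject rejected the change");
        }
    }
}
```

Marking the Subject read-only after it is populated prevents later code from attaching extra principals to an already authenticated identity.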

  • To retrieve principals from the associated subject, the following methods can be used