JAAS Common Classes
- Subject (javax.security.auth.Subject)
- Principal (java.security.Principal)
- Credential
JAAS Authentication Classes
- Callback (javax.security.auth.callback.Callback)
- CallbackHandler (javax.security.auth.callback.CallbackHandler)
- Configuration (javax.security.auth.login.Configuration)
- LoginContext (javax.security.auth.login.LoginContext)
- LoginModule (javax.security.auth.spi.LoginModule)
JAAS Authorization Classes
- Policy (java.security.Policy)
- AuthPermission (javax.security.auth.AuthPermission)
- PrivateCredentialPermission (javax.security.auth.PrivateCredentialPermission)
JAAS Subject and Principal
- The Subject class is the central class of JAAS
- A Subject represents information for a single user, entity or system
- A Subject holds the entity's principals, its public credentials (public keys) and its private credentials (passwords, private keys)
- A Principal encapsulates features or properties of a subject
- The JAAS API interface used to represent Principal is java.security.Principal
- A Subject is associated with identities or principals throughout the authentication process
- A Subject can contain multiple principals
For example, a user may have a name principal (George), a social security number principal (123-12-1234) and a username principal (GeorgeD), all of which differentiate the subject from other subjects

- To retrieve principals from the associated subject, the following methods can be used
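
The following is an added example, not code from the original page: it builds a Subject with the three principals from the George example and reads them back with Subject.getPrincipals() and Subject.getPrincipals(Class). The principal classes and the demo class name are hypothetical, and the code assumes no security manager is installed.

```java
import java.security.Principal;
import java.util.Objects;
import java.util.Set;
import javax.security.auth.Subject;

public class SubjectPrincipalsDemo {
    // Hypothetical base class. Subject keeps principals in a Set, so
    // equals/hashCode decide whether two identities are the same one.
    static abstract class NamedPrincipal implements Principal {
        private final String name;
        NamedPrincipal(String name) { this.name = Objects.requireNonNull(name); }
        @Override public String getName() { return name; }
        @Override public boolean equals(Object o) {
            return o != null && o.getClass() == getClass()
                    && ((NamedPrincipal) o).name.equals(name);
        }
        @Override public int hashCode() { return Objects.hash(getClass(), name); }
        @Override public String toString() { return getClass().getSimpleName() + "[" + name + "]"; }
    }
    static final class NamePrincipal extends NamedPrincipal { NamePrincipal(String n) { super(n); } }
    static final class SsnPrincipal extends NamedPrincipal { SsnPrincipal(String n) { super(n); } }
    static final class UsernamePrincipal extends NamedPrincipal { UsernamePrincipal(String n) { super(n); } }

    public static void main(String[] args) {
        Subject subject = new Subject();
        // Normally a LoginModule adds these in commit(); here they are added directly.
        subject.getPrincipals().add(new NamePrincipal("George"));
        subject.getPrincipals().add(new SsnPrincipal("123-12-1234"));
        subject.getPrincipals().add(new UsernamePrincipal("GeorgeD"));
        subject.getPrincipals().add(new UsernamePrincipal("GeorgeD")); // equal to the previous one, so the Set ignores it

        // All principals attached to the subject (live view of the internal set).
        Set<Principal> all = subject.getPrincipals();
        System.out.println("all principals: " + all);

        // Only principals of one type; this returned set is a copy, not backed by the Subject.
        Set<UsernamePrincipal> usernames = subject.getPrincipals(UsernamePrincipal.class);
        for (UsernamePrincipal p : usernames) System.out.println("username: " + p.getName());

        // After authentication, freeze the subject so later code cannot add identities.
        subject.setReadOnly();
        try {
            subject.getPrincipals().add(new UsernamePrincipal("admin"));
        } catch (IllegalStateException e) {
            System.out.println("read-only subject rejected the new principal");
        }
    }
}
```

Authorization decisions made from a Subject's principals are only as reliable as the principal classes' equals/hashCode, and calling setReadOnly() once login completes keeps downstream code from attaching extra identities.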
