- The application calls the login() function of the LoginContext class that authenticates the Subject
- The LoginContext in turn calls the login() function of each login module in the authentication stack for application’s policy configuration
The user authentication is done by the login module in two phases
- The login() method uses the Callback Handler to get the authentication information from the user
- The commit () method is executed if the user is successfully authenticated, and the abort() method is called if the authentication fails
Phases in Login Process (Cont’d)
Cheng® 