JAAS authentication from your application typically involves the steps. Explain the steps.
The steps that are involved in JAAS authentication are:1. Creation of LoginContext
2. Passing a CallbackHandler to the LoginContext , optionally for the purpose of gathering / processing the authentication data.
3. Invoking login() method of LoginContext
4. After successful login, perform privileged actions with the help of returned Subject.
JAAS authentication from your application typically involves the steps. Explain the steps.
The code for authenticating the user consists of two steps:1. Instantiate a LoginContext.
import javax.security.auth.login.*;
LoginContext logconx = new LoginContext(<config file entry name>,
<CallbackHandler to be used for user interaction>);
The LoginContext instantiates a new empty javax.security.auth.Subject object.
The LoginContext constructs the configured LoginModule and initializes it with this new Subject and CallbackHandler.
2. Call the LoginContext's login method.
logconx.login();
The LoginContext's login method then calls methods in the LoginModule to perform the login and authentication. They LoginModule will utilize the CallbackHandler to obtain the user name and password. Then the LoginModule will check that the name and password are the ones it expects.