Overview of the Login Process in JAAS
The login process starts when an access request is made to an application that is running on Java Authentication System. For example, when a web client accesses a web application, the web container that runs the application prompts the user to log in upon the first request to a resource that the application protects.
Java AS creates a new instance of the LoginContext class for the user to log in. The instance is based on the policy configuration information for the deployment descriptor of the web application.
The LoginContext uses the policy configuration of the Java AS application to obtain information about the required authorization and authentication checks. These checks must be met before access to the application is granted. The checks are implemented by JAAS login modules or by authentication schemes. This process makes authentication pluggable and independent of the application code.
Login Process:
Instantiate a LoginContext.
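import javax.security.auth.login.*;

// configEntryName (placeholder): the config file entry name
// callbackHandler (placeholder): the CallbackHandler to be used for user interaction
LoginContext logconx = new LoginContext(configEntryName, callbackHandler);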
The LoginContext instantiates a new empty javax.security.auth.Subject object.
The LoginContext constructs the configured LoginModule and initializes it with this new Subject and CallbackHandler.
Call the LoginContext's login method.
logconx.login();
The LoginContext's login method then calls methods in the LoginModule to perform the login and authentication. The LoginModule uses the CallbackHandler to obtain the user name and password, and then checks that the name and password are the ones it expects.
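The steps above put together end to end, as an added example that is not code from the original page. DemoLoginModule, the "Demo" entry name, the alice/demo-secret account and the in-memory Configuration standing in for the config file are all assumptions made so that it runs offline.

```java
import java.security.MessageDigest;
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class JaasLoginDemo {
    // Hypothetical module; the one account it accepts is constructed demo data.
    public static class DemoLoginModule implements LoginModule {
        private Subject subject; private CallbackHandler handler; private String user;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> state, Map<String, ?> opts) { subject = s; handler = h; }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user: ");
            PasswordCallback pw = new PasswordCallback("password: ", false);
            try { handler.handle(new Callback[] { name, pw }); }
            catch (java.io.IOException | UnsupportedCallbackException e) { throw new LoginException(e.toString()); }
            char[] given = pw.getPassword(); pw.clearPassword();
            // Constant-time compare; a real module verifies a salted hash from a credential store.
            if (given == null || !"alice".equals(name.getName())
                    || !MessageDigest.isEqual(new String(given).getBytes(), "demo-secret".getBytes()))
                throw new FailedLoginException("invalid credentials");  // returning false would mean "ignore this module"
            user = name.getName(); return true;
        }
        public boolean commit() { String n = user; Principal p = () -> n; return subject.getPrincipals().add(p); }
        public boolean abort() { user = null; return true; }
        public boolean logout() { subject.getPrincipals().clear(); return true; }
    }
    static final Configuration CONFIG = new Configuration() {  // in-memory stand-in for the config file entry
        public AppConfigurationEntry[] getAppConfigurationEntry(String entryName) {
            return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoLoginModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>()) };
        }
    };
    static boolean tryLogin(String user, char[] password) {
        CallbackHandler ch = cbs -> { for (Callback cb : cbs) {
            if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
            else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password);
            else throw new UnsupportedCallbackException(cb); } };
        try {
            LoginContext logconx = new LoginContext("Demo", null, ch, CONFIG);  // null Subject: LoginContext creates an empty one
            logconx.login();  // drives DemoLoginModule.login() and then commit()
            return !logconx.getSubject().getPrincipals().isEmpty();
        } catch (LoginException e) { return false; }  // fail closed on any login error
    }
    public static void main(String[] args) {  // first call uses the demo account, second a wrong password
        System.out.println(tryLogin("alice", "demo-secret".toCharArray()) + " " + tryLogin("alice", "guess".toCharArray()));
    }
}
```

The Subject carries a principal only after commit() has run, so code that makes access decisions should read it from getSubject() after login() returns without throwing.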