Win a copy of Programming with Types this week in the Angular and TypeScript forum
or The Design of Web APIs in the Web Services forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Liutauras Vilda
  • Bear Bibeault
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Knute Snortum
  • Henry Wong
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Joe Ess
  • salvin francis

I need a good resource for understanding JAAS

Ranch Hand
Posts: 76
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am working on a project and am very new to the security API. I dont have any idea about security in JAVA. My project contains servlets, jsp's, ejb's and a database managed by IBM DB2. Could you please suggest a good resource, book or online tutorial which could help me to progress. I need to develop authentication using usernames and passwords, authorization for different types of users with different roles and other security related issues I may need to implement.
I would prefer a resource which uses EJB 3.0(if at all it uses it) as I an SCBCD 5 certified.
I tried the doc tutorials and guides available on but I found them really confusing.
Please suggest something easy yet very helpful.

Waiting eagerly for a response...
Ranch Hand
Posts: 2187
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How is it possible that you are SCBCD 5 certified and have no idea about Java security? This is very disturbing.
Posts: 43011
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The links to introductory material about JAAS, including two recent JavaRanch Journal articles (whose author hangs out here at the ranch, ready to answer questions).

Note that most web apps don't use JAAS, but the servlet security that's built into the servlet API (which gets defined in the web.xml file).
[ August 11, 2008: Message edited by: Ulf Dittmer ]
Note to self: don't get into a fist fight with a cactus. Command this tiny ad to do it:
Java file APIs (DOC, XLS, PDF, and many more)
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!