To Cay and Gary: SASL and JAAS

 
Nicholas Cheung
Ranch Hand
Posts: 4982
Hi Cay,

Tiger has introduced SASL. Does this overlap some functionality provided by JAAS?

I saw the JSR said SASL depends on JAAS. However, if so, why do we need such a subset? Does it really simplify JAAS a lot for simple security measurements?

Nick
 
Cay Horstmann
author
Ranch Hand
Posts: 172
I am definitely not an expert on SASL, and it seems to me a rather specialized issue. It is a protocol that allows client and server to negotiate an authentication mechanism. SASL is used by LDAPv3 and IMAP. However, if all you want is to talk to LDAP or IMAP servers, then you need not worry about SASL--the JNDI and JavaMail APIs have the necessary plumbing built-in. You would worry about SASL if you wanted to implement your own client and server application and have the benefits of the SASL protocol. According to http://java.sun.com/j2se/5.0/docs/guide/security/sasl/sasl-refguide.html,
SASL is more lightweight than using SSL or Kerberos (via Java GSS).

Cheers,

Cay
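
The mechanism negotiation and challenge/response exchange described in the reply above, as an added example that is not part of the original thread: client and server run in one JVM through the JDK's `javax.security.sasl` API. The user store, the protocol name `demo`, the host `server.example.com` and the advertised mechanism list are constructed for illustration, and CRAM-MD5 is used only because the JDK's bundled provider implements both its client and server side (it is a legacy mechanism and assumed here to be enabled).

```java
import java.util.Map;
import javax.security.auth.callback.*;
import javax.security.sasl.*;

public class SaslNegotiationDemo {
    // Constructed credential store; a real server would query its own user database.
    static final Map<String, String> USERS = Map.of("nick", "s3cret-demo");

    static boolean authenticate(String user, String password) throws SaslException {
        // Mechanisms the hypothetical server advertises; the first is unknown to the client.
        String[] advertised = {"X-DEMO-UNSUPPORTED", "CRAM-MD5"};
        CallbackHandler clientCb = cbs -> {
            for (Callback cb : cbs) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
                else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password.toCharArray());
            }
        };
        // Negotiation: the client takes the first advertised mechanism it has a factory for.
        SaslClient client = Sasl.createSaslClient(advertised, null, "demo", "server.example.com", null, clientCb);
        if (client == null) throw new SaslException("no mechanism in common");

        CallbackHandler serverCb = cbs -> {
            String claimed = null;
            for (Callback cb : cbs) {
                if (cb instanceof NameCallback) claimed = ((NameCallback) cb).getDefaultName();
                else if (cb instanceof PasswordCallback) {   // supply the stored secret for the claimed user
                    String pw = claimed == null ? null : USERS.get(claimed);
                    if (pw != null) ((PasswordCallback) cb).setPassword(pw.toCharArray());
                } else if (cb instanceof AuthorizeCallback) { // allow a user to act only as itself
                    AuthorizeCallback ac = (AuthorizeCallback) cb;
                    ac.setAuthorized(ac.getAuthenticationID().equals(ac.getAuthorizationID()));
                }
            }
        };
        SaslServer server = Sasl.createSaslServer(client.getMechanismName(), "demo", "server.example.com", null, serverCb);
        if (server == null) throw new SaslException("server lacks " + client.getMechanismName());

        // Exchange: in a real protocol (LDAP, IMAP) each byte[] travels in that protocol's own frames.
        byte[] response = client.hasInitialResponse() ? client.evaluateChallenge(new byte[0]) : new byte[0];
        try {
            while (!server.isComplete()) {
                byte[] challenge = server.evaluateResponse(response);
                if (challenge != null && !client.isComplete()) response = client.evaluateChallenge(challenge);
            }
            return true;
        } catch (SaslException e) { return false; }  // wrong password or unknown user
    }

    public static void main(String[] args) throws SaslException {
        System.out.println("correct password: " + authenticate("nick", "s3cret-demo"));
        System.out.println("wrong password:   " + authenticate("nick", "guess"));
    }
}
```

The password never crosses the "wire" in this exchange; only the server's challenge and the client's keyed digest of it do, which is why the server must be able to look up the stored secret.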
 
Nicholas Cheung
Ranch Hand
Posts: 4982

SASL is more lightweight

Does it compare with JAAS?

Also, SASL being lightweight, it seems it uses lightweight *handshaking* methods between client and server?

Nick
 
Nicholas Cheung
Ranch Hand
Posts: 4982
Moreover, talking about security issues, I would like to know whether Tiger supports ECC as one of its encryption algorithms?

Nick
 