Administration
For the system administrator, JAAS consists of two kinds of configuration file:
- *.login.conf: specifies how to plug vendor-supplied login modules into particular applications
- *.policy: specifies which identities (users or programs) are granted which permissions
For example, an application may have this login.conf file indicating how different authentication mechanisms are to be run to authenticate the user:
PetShopApplication { com.sun.security.auth.module.LdapLoginModule sufficient; com.foo.SmartcardLoginModule requisite; com.sun.security.auth.module.UnixLoginModule required debug=true; }Read more about this topic: Java Authentication And Authorization Service