The Java™ Authentication and Authorization Service (JAAS) is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. J2SDK provides access controls that are based on where the code originated and who signed the code (code source-based access controls). It lacks, however, the ability to enforce additional access controls based on who runs the code. JAAS provides a framework that adds this support to the Java 2 security model.
The JAAS API is used by IBM® and Sun Microsystems, Inc. as an extension to the J2SDK, version 1.3. IBM and Sun are introducing this extension to allow the association of a specific user or identity to the current Java thread. This is done by using javax.security.auth.Subject methods and, optionally, with the underlying operating system thread using com.ibm.security.auth.ThreadSubject methods.
The JAAS implementation on the iSeries™ server is compatible with the implementation of Sun Microsystems, Inc. This documentation covers the unique aspects of the iSeries implementation. We assume that you are familiar with the general documentation for the JAAS extensions. To make it easier for you to work with that and our iSeries information, we provide the following links.