What is JAAS? The Java Authentication and Authorization Service (JAAS) is a integrated package comes with Java 2 SDK. Basically JAAS is designed to achieve two things, Authentication - determine who is executing the code Authorization - ensure user/code has access control right to perform an action JAAS for Authentication JAAS modules related to authentication are connected in a pluggable manner. So it promotes the reuse of underline authentication technology with different applications. Following are the key classes we use in authentication process. LoginContext This is the start point of the authentication process. This class contains 3 methods as, login() - authenticate user logout() - logout user getSubject() - get authenticated user When we initiate a LoginContext, we provide required configurations to handle authentication. So we can change underlying authentication technology from the configuration without updating the application logic. Config