What is the difference between JAAS, SAML and Realm

Question

What is the difference between JAAS, SAML and Realm

I tried to find out JAAS, then I came up with the terms SAMLand Realm, and now I'm confused.

In any of the basic guides, JAASwe pretty much set up a basic one that has the usual configuration Realm. If I read the configuration SAML, then it will look the same as JAAS. I have no idea why the different names. Maybe SAML is built on Realm and JAAS on SAML , I’m not sure that any body, please, clearly distinguish the difference,

Please, humble request, if you share any link, define it a bit so that it helps me when I read them.

I have successfully configured JAAS BASIC and FROM authentication on both JBOSS and Glassfish. This helped me protect my JSPand Servelets(web project). where to see if I want to protect EJB as part of my application.

+4

java security jaas saml jdbcrealm

PHP Avenger Mar 29 '14 at 18:03

source share

3 answers

, . - , . JAAS SAML - , . SAML - . http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language

+2

Stefan Rasmusson 31 . '14 8:04

, , :

SAML JAAS . SAML - XML- . SAML XML- , / Web- .
JAAS, , , , , , .

, , JAAS , , SAML. , SAML /; XML-, JAAS- .

+2

Sean H 26 . '15 19:39

Vladimír Schäfer · Accepted Answer · 2014-04-13T08:30:10+0000

JAAS API- Java SE EE, . JAAS LoginModules. LoginModule (javax.security.auth.spi.LoginModule) , CallbackHandler. -. JAAS Subject ( ) Principal ( - , ). JAAS .

- Java (, FORM, BASIC DIGEST, web.xml) JAAS.

Realm - , /. . A, LDAP, B , , . , , - Tomcat, . (, ) Realms.

Java EE EJB (RBAC). , , , , , . (= , @RolesAllowed, @PermitAll, @DeclareRoles XML) (= , , isCallerInRole on EJBContext ). http://docs.oracle.com/javaee/6/tutorial/doc/bnbyl.html

SAML - . SAML WebSSO . , SAML , XML, , . SAML , - ( Identity Provider - ). SAML OpenID OAuth 2.0, , Facebook Google .

, ,

What is the difference between JAAS, SAML and Realm

More articles: