This is an intermediate-level tutorial. It is assumed that you know how to read and write basic Java applications and applets. If you're already a Java programmer, and you've been curious about authentication and authorization technologies and the Java library that supports them, then this tutorial is for you.

We'll start with an introduction to the basic concepts of authentication and authorization, as well as an architectural overview of JAAS. Next, we'll use a JAAS sample application to take your understanding of JAAS from theory to practice, both by breaking down the components of the application and by viewing the final execution result. As part of this exercise, we'll study a variety of JAAS configuration options that will help further cement the concepts you've learned.

JAAS is a complex technology, rich in function and features. We'll take it in slowly, in bite-sized chunks, and it is recommended that you go over each new concept more than once. By the end of the tutorial you will have a good foundation for working with JAAS on your own.

You need not have taken Part 1 of this tutorial to understand Part 2.