aspose file tools*
The moose likes Java in General and the fly likes To Cay and Gary: SASL and JAAS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "To Cay and Gary: SASL and JAAS" Watch "To Cay and Gary: SASL and JAAS" New topic
Author

To Cay and Gary: SASL and JAAS

Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
Hi Cay,

Tiger has introduced SASL. Does this overlap some functionality provided by JAAS?

I saw the JSR said SASL depends on JAAS, however, if so, why we need such a subset? Does it really simply JAAS a lot for simple security measurements?

Nick


SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
Cay Horstmann
author
Ranch Hand

Joined: Nov 14, 2004
Posts: 115
    
  11
I am definitely not an expert on SASL, and it seems to me a rather specialized issue. It is a protocol that allows client and server to negotiate an authentication mechanism. SASL is used by LDAPv3 and IMAP. However, if all you want is talk to LDAP or IMAP servers, then you need not worry about SASL--the JNDI and JavaMail APIs have the necessary plumbing built-in. You would worry about SASL if you wanted to implement your own client and server application and have the benefits of the SASL protocol. According to http://java.sun.com/j2se/5.0/docs/guide/security/sasl/sasl-refguide.html,
SASL is more lightweight than using SSL or Kerberos (via Java GSS).

Cheers,

Cay


Author of Java 8 for the Really Impatient
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982

SASL is more lightweight

Does it compare with JAAS?

Also, SASL is a lightweight seems it uses light weight *handshaking* methods between client and server?

Nick
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
Moreover, taking about Security issue, I would like to know whether Tiger support ECC as one of its encryption algorithms?

Nick
 
jQuery in Action, 2nd edition
 
subject: To Cay and Gary: SASL and JAAS