Need a clarification on why is this architecture defined the way it is.
posted 5 years ago
I was going through the security architecture with an aim to understand this from the Java perspective. What I cannot understand is that despite having the option of invoking the JCA/JCE implementation, what is the need to have the following optional layers of JAAS, JSSE, JGSS and CertPath. I have attached the diagram for your perusal. Thank you in advance for the assistance.