This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I was going through the security architecture with an aim to understand this from the Java perspective. What I cannot understand is that despite having the option of invoking the JCA/JCE implementation, what is the need to have the following optional layers of JAAS, JSSE, JGSS and CertPath. I have attached the diagram for your perusal. Thank you in advance for the assistance.