Java Authentication and Authorization Service

Oracle Application Server provides an implementation of Java Authentication and Authorization Service (JAAS) that integrates with the Oracle Application Server J2EE security infrastructure to enforce security constraints for J2EE applications. The OracleAS JAAS Provider implementation provides: Authentication: To integrate multiple forms of authentication, including Oracle Application Server Single Sign-On, with Java-based applications, adding strong authentication and extensible security. Authorization: To manage access control policies in Oracle Internet Directory or other secure repositories, to control access by role, and to partition security policy by subscriber. Delegation: To support impersonation of a specified user, allowing an enterprise bean, servlet, or JSP to run with the permissions associated with the current client or a specified user.