Geronimo uses Java Authentication and Authorization Service (JAAS) login modules for user authentication and Java Authorization Contract for Containers (JACC), for authorization to server resources. Geronimo uses the Common Secure Interoperability Version 2 (CSIv2) protocol to support secure EJB access using CORBA.
The Java Authentication and Authorization Service (JAAS) implements a Java version of the standard Pluggable Authentication Module (PAM) framework. JAAS simplifies Java security development by introducing an abstraction layer between the application and the underlying authentication mechanisms, thereby enabling applications to be independent from the authentication mechanism. This enables us to plug in new or updated authentication mechanisms without requiring modifications to the application. Applications initiate authentication by instantiating a LoginContext
object, which in turn references...