I am building a GUI for a Bioinformatics application. I need to be able to allow users to login and out of the program. Is there a reason I should use the JAAS or should I just use the Jpassword field? I am currently planning on using Jpassword to create my own login component. Is this just as good as JAAS?
Hey Smurfer,
JAAS is actually much more sophisticated that - it's an authentication and authorization framework/infrastructure - and it's cool!
It took me a bit to get my head around it, but after working on a government Swing app that had custom login handling written for it, I can say that JAAS is much more useful - even for simple username/password authentication. For example, there are a variety of exceptions that are available to be thrown for login failure circumstances (eg invalid credentials / expired credentials etc). I've found that this makes it easy to return informative feedback to the user about what's going wrong with logging in etc.
Also, JAAS is so cool that you can plug different authentication mechanisms in (eg use the operating system authentication for single sign on or biometric authentication - that one should get you in!).
I'm using Hibernate for O/R persistence, so I found this article to be useful in setting up JAAS: http://www.hibernate.org/139.html
Hope this helps
Paul C.
