Java Authentication and Authorization Service (JAAS) for z/OS Overview

(last updated August, 2011)

Table of Contents


The Java 2 platform provides a means to enforce access controls based on where code came from and who signed it. These access controls are needed because of the distributed nature of the Java platform where, for example, a remote applet can be downloaded over a public network and then run locally.

However, the Java 2 platform does not provide a way to enforce similar access controls based on who runs the code. To provide this type of access control, the Java 2 security architecture requires the following:

The Java Authentication and Authorization Service (JAAS) framework provides these enhancements.

For more information on JAAS, see the Java Authentication and Authorization Service (JAAS) Reference Guide.

Customers on z/OS V1.2 and V1.3 should wait to use JAAS until a PTF after UQ77468.

Online documentation

To download a copy of the documentation for the JAAS, download the jaasdocs14.jar (JAR, 303KB) file. We have had reports of occasional download problems with older levels of browsers; if you have trouble downloading the jar file, please try another level of the browser or a different browser.

To extract the documentation from the downloaded .jar file, place the .jar file at the directory location where you would like the documentation (typically the ${java-home}/docs directory) and issue the following command:

    jar xvf jaasdocs14.jar

Note that the jaasdocs14.jar file contains documentation only and no executable code.

Differences between IBM and Sun versions of JAAS

Sun provides a version of JAAS, although it does not apply directly to z/OS. The IBM version of JAAS for z/OS differs from the Sun version in the following ways:

Software prerequisites

To use JAAS, you must have SAF Service provider installed and configured (RACF or another).

Contact IBM

Browse z/OS