JAAS in Action

Several years ago a I wrote a book on JAAS, the Java Authentication and Authorization Service. I really liked the idea of JAAS before writing the book, and loathed it after writing the book. The design was nifty, but the implementation made using it tedious. The publisher decided not to publish the book after the initial round of technical reviews, best summarized by one review I remember, “this is fine, but I wouldn’t pay $50 for it.”

Thankfully, the rights for the book are now all mine, so I’ve put them up free for several years. My old website is currently down, so I’m moving it to this blog.

This blog will contain a blog entry per chapter once I convert them accordingly. Until then, here’s a zip file of all the chapter PDFs and a zip file of the source code.

If you find this at all useful, please leave a comment below: it’s great to hear from folks!


40 Responses to “JAAS in Action”

  1. theknight Says:

    thanks for sharing.
    I will satrt reading the book and try to give feedbacks

  2. Cristian Says:

    Thank you for the book !

  3. Hugo Alberto Bedolla Says:

    Nice… I’ll read this book carefully… thanks so much for build this effort :).

  4. JAASnewbie Says:

    I’m reading the book and i think it’s more useful than jaas reverence guide 🙂
    I’m asking if there is an available copy of the source code you are mentioning throughout the book.
    however Thanx a lot for you work!

  5. Bharti Says:

    Thank you very much for you hard job, it really helped me very much to understand everything about JAAS. JAAS was a black box for me when we first started working with it (of course because client wanted that) but i didn´t released our mistakes where because we didn´t understood it properly before starting working.

    I also liked the the way of usage of JAAS and i implemented it in an application, but when i installed it at client it was not working, i still don´t know why, but there was no time to investigate (nothing new in this job) so i had to change the whole login implementation, but thanks to you i have learned alot.

    Once more, thank you very much, and wish all the best. You should make you own JAAS certified classes and exams.

  6. tutti Says:

    how can I integrate JAAS in jaasrealm in tomcat 6.0, your guidance would be appreciated.

  7. depa Says:

    thx much for the book.

  8. Arun Singh Says:


    First of all, Thanks a lot to provide jaas book pdf and code, it is very helpful for me. but there is some information missing or i missing something? May u explain more about following points :

    1. server.xml ( we have to change tomact server.xml file or we can add our own server.xml in web application, if yes please tell me where to put and how to use?)

    2. .properties file (how to use it and where to put this in our web application, i want to use mysql server for webapplication)

    3. build.xml (How to use it and what is the use of?)

    Thanks in advance…reply soon please

    Arun Singh

  9. L Says:

    Congratulations, Great work!

  10. Anup Shukla Says:

    Thanks !

    Just starting on JAAS and this is the first thing that I am going to read.
    Thanks for making your work available.

    – Anup.

  11. Guifre Pilos Says:

    I’ve just downloaded your book and even before looking at it I want to thank you for sharing your knowledge. May I be able to do the same sometime!

  12. Tarun Elankath Says:

    Thanks a million for this. I am finding your book really useful and I am just wondering why on earth did it never get published!!! I mean..Manning has published so much worse. 🙂

  13. Rescate Says:

    Thanks for providing this resource, it’s really generous of you to do this. I’ve gone through the first chapter, will read the rest on the weekend and follow up.

  14. Viet Anh Says:

    It’s great. Thanks the person who wrote that book. It’s so helpful

    Sorry I don’t know your name. But thanks again

  15. Felipe Says:

    Great Work!!!

  16. ijj Says:

    Hi~ Thank you so much for your freebook.
    I just downloaded but i thought it’s great!
    Can I ask you how to execute the Ch9 code with your source code?

    Thanks again..

  17. David Says:

    Tanks, the book is great. This book showed me the funcionality of JAAS and how to use it. The problem is that JAAS is something complicated and has been replaced by other librarys easier to use like Spring Security or Apache Shiro.

    Excuse me my english, it isn’t my native language.

  18. TJ Says:

    Hey dude nice work.I found this very useful.. Dunno why you got tired of it when you finished..

  19. Lena Says:

    Yes the book was very useful, since I had to understand the basic work of JAAS and the way to use it.
    Basically a life saver 😉

  20. Cosmin Says:

    Very nice of you to do this. I hope this does encourage you to prepare for your next book 😉

  21. Prem Says:

    The book is quite interesting and I found it useful to teach parts from it in my class.

  22. senthil Says:


    Your book and examples are very good and I would like to buy a hard copy of your book.


  23. Atul Rana Says:

    Surprised to see such a treasure lying here. Even more surprised to see that no one has bothered to comment.

    Mirror and google don’t lie, I landed here and found exactly what I was looking for. Armed with this wealth, I hope to finish my work sooner.

    Never mind the publisher, I would have paid $50 for this.
    Did I forget to thank you explicitly?

  24. Mike Says:

    Nice book. It’s not easy to find detailed and comprehensive documentation with many examples like in your book. Thank you for making it free…

  25. Ahmad_Nafiee Says:

    Before I read this book i think its very worthy …
    Because i work on Building Access Control for Multi-Agent System Jade I need this information, so I down load the book and post thanks for you….
    With my best withes…

  26. Daniel Ofori-Dankwa Says:

    dear author,
    thank you for the book.
    just what i needed. Apache Shiro is good but i want to use standard apis. thanks.

    Daniel (from Ghana)

  27. fatma Says:

    thank you 🙂

  28. Venkat Says:

    Thank You Very Much… Its a great book and it was very helpful in understanding JAAS concepts.

  29. Tony Says:

    how do you want people to reference this material?

  30. Shamil Says:

    Thank you for your book.

  31. Abhijeet Iraj (@abhijeet_iraj) Says:

    Hey thanks for the book!

  32. ehsan Says:

    thanks for the best book!

  33. ivan Says:

    Tks for the book look great..

  34. Sakky Says:

    Thanks for sharing.

  35. Michallis Pashidis Says:

    I thank you too for this book!
    Know that when a publisher doesn’t want to publish, you have now leanpub (https://leanpub.com/)

  36. Amir Says:

    Thanks for the book. It explains the concept well. I was hoping to find something about using JAAS with EJBs.

  37. abdellatif Says:

    thank you coté it’s really an amazing book, just released the burden on us of the security.

    Abdellatif from morocco

  38. Alexey Says:


    Thanks for your book!
    I have a question – where is chapter 11? Source code archive contains package for chapter 11, but it does not present in book archive.

  39. corbeille1801 Says:

    It’s really a winderful book, i was searching for days for such guide, maybe you should donate this to jaas framework team

  40. Pubudu Says:

    Just came across the book. Thanks for sharing your knowledge.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: