Tuesday, February 7, 2006 12:56 AM
I have a doubt regarding JAAS implementation.
Suppose I am using JAAS for implementing a Pluggable Authentication Module for a stand alone java application (Not J2EE) and LoginModule uses native OS authentication mechanism to authenticate users.
In this case where should I keep my JAAS policy file.
In all the tutorials which I come across, JAAS policy file is kept with the code in client machine.So how do we hide file from user. I dont want user modify the policy file and alter the previlages.
Can somebody give some insights regarding this.