是否有可能使用JAAS在一个Android应用程序？ 在 Android的API 大部分的类< $ C C> javax.security.auth中包$说了

Is it possible to use JAAS within an android app? In the android API most of the classes of the javax.security.auth package are saying

传统安全code;不要使用。

Legacy security code; do not use.

但没有任何替代品以用户为中心JAAS在Android？还是会继续工作，如果我手动部署 jaas.jar ？

But is there any replacement for user-centric JAAS on android? Or might it work if I manually deploy the jaas.jar?

推荐答案

JAAS并没有真正适用于Android系统。 JAAS提供以用户为中心的安全性基于Java的应用程序（谁是身份 - 通常是用户，如LDAP用户标识 - 也就是跑的应用程序，并允许他们做什么，他们正试图）。在机器人，用户ID的使用不同，每个应用程序与不同的用户ID，以便将应用程序彼此分离运行。由于有一个支持JAAS的Java应用程序，Android应用程序的身份非常不同的概念，JAAS模型不与Android机型协调好，因此在文档中的警告。

JAAS doesn't really apply to Android. JAAS provides user-centric security to Java-based applications (who is the identity - usually a "user" such as an LDAP user id - that is "running" the application and are they allowed to do what they are trying to). In Android, user IDs are used differently in that each application runs with a different user ID in order to separate the applications from each other. As there are very different concepts of identity between a JAAS-enabled Java application and an Android application, the JAAS model doesn't reconcile well with the Android model, hence the warnings in the docs.

准相当于在Android世界的权限模型，这是很详细在这本书中解释：的 http://shop.oreilly.com/product/0636920022596.do 。

The quasi-equivalent in the Android world is the permissions model, which is explained in great detail in this book: http://shop.oreilly.com/product/0636920022596.do.