Find JSRs
Submit this Search

Ad Banner

Summary  |  Proposal  |  Detail (Summary & Proposal)
JSRs: Java Specification Requests
JSR 28: Java SASL Specification

Stage Access Start Finish
Final Release 2 Download page 23 Dec, 2003  
Maintenance Draft Review Download page 21 Oct, 2002 25 Nov, 2002
Final Release Download page 30 Sep, 2002  
Final Approval Ballot View results 18 Jun, 2002 01 Jul, 2002
Proposed Final Draft 2 Download page 14 Mar, 2002  
Proposed Final Draft Download page 13 Nov, 2001  
Public Review Download page 16 Jul, 2001 14 Sep, 2001
Community Draft Ballot View results 29 May, 2001 04 Jun, 2001
Community Review Login page 03 May, 2001 04 Jun, 2001
Expert Group Formation   01 Sep, 1999 04 Apr, 2000
CAFE   16 Aug, 1999 31 Aug, 1999
JSR Approval   09 Aug, 1999 16 Aug, 1999
Status: Final
JCP version in use: 2.1
Java Specification Participation Agreement version in use: 1.0

This specification defines a SASL client and server API in the JavaTM programming language.

Please direct comments on this JSR to the Spec Lead(s)

Specification Leads
  Rosanna Lee Sun Microsystems, Inc.
Expert Group
  Cisco Systems Sun Microsystems, Inc.  

Original Java Specification Request (JSR)

Identification | Request | Contributions

Section 1: Identification

Submitting Participant: Netscape Communications Corp.
Name of Contact Person: Rob Weltman
E-Mail Address:
Telephone Number: 1-650-937-3301
Fax Number: 1-650-5476
Submitting Participant: Sun Microsystems, Inc.
Name of Contact Person: Rosanna Lee
E-Mail Address:
Telephone Number: 1-408-863-3221
Fax Number: 1-408-343-1530

Section 2: Request

2.1 Proposed Specification:
Simple Authentication and Security Layer (SASL) specifies a challenge-response protocol in which data is exchanged between the client and the server for the purposes of authentication and (optional) establishment of a security layer on which to carry on subsequent communications. It is used with connection-based protocols such as the Lightweight Directory Access Protocol (LDAP) v3, and Internet Message Access Protocol (IMAP) v4. SASL is described in RFC 2222.

There are various mechanisms defined for SASL. Each mechanism defines the data that must be exchanged between the client and server in order for the authentication to succeed. Mechanisms are registered with IANA.

This proposal is to define a SASL client and server API in the Java programming language.

2.2 What is the target Java platform?
Desktop, Server
2.3Need of the Java community that this will addressed
  • Makes easier the development of libraries written in the Java programming language for popular protocol standards that use SASL, such as LDAP v3 and IMAP v4.
  • Independence between those building and supplying SASL mechanisms and those using them.
2.4 Why isn't this need met by existing specifications?
There is currently no standard Java API for SASL. Protocol libraries written in the Java programming language that support SASL, such as LDAP v3 and IMAP v4, currently support SASL in an adhoc manner. A mechanism implementation for one protocol cannot easily be used in another protocol.
2.5 Description:
The proposal defines classes and interfaces for SASL mechanisms. It also provides a pluggable authentication framework that allows SASL mechanisms to be added dynamically to the runtime environment. The API will allow developers to write client and server applications or protocol libraries that can authenticate using different SASL mechanisms, and to write mechanism implementations that can be used by such SASL-enabled applications/libraries.
2.6 Proposed package name
2.7 Dependencies
The Java Authentication and Authorization Service
2.8 Security issues that cannot be addressed by the current security model?
The proposed API can use the current security model.
2.9 Internationalization or localization issues
2.10 Existing specifications that might be rendered obsolete, deprecated, or in need of revision

Section 3: Contributions

3.1 Existing documents, specifications, or implementations that describe the technology.
The SASL negotiation protocol is defined by RFC 2222. The proposed API must support authentication negotiations conforming to the protocol defined in this document.

An Internet Draft has been published with a proposal for a Java SASL API, available as The draft will be a starting point for definition of this proposal.

3.2 Explanation of how these items might be used as a starting point for the work.
Using the Internet Draft as a starting point, the proposal will make the API fit better within the Java platform, using patterns common to the platform.