The Java Authentication and Authorization Service (JAAS) is the basis of Oware security. It is relevant to those logging in through Web Services. JAAS is a standard extension to the JavaTM 2 Software Development Kit, v 1.3. Currently, Java 2 provides codesource-based access controls (access controls based on where the code originated from and who signed the code). However, it cannot enforce access controls based on who runs the code. JAAS provides a framework that augments the Java 2 security architecture with such support.