...
Similar to GSSAPI, it is an API that allows for mutual authentication and (optionally) encryption. One such implementation is called GSSAPI, so SASL can be seen as sitting "on top" of GSSAPI. I found that I did not need to interact with GSSAPI directly at all. There is no additional dependencies needed to use SASL with Java since it is part of the the Java Standard Edition. If you want to use encryption, you need to install and configure the Java security extension known as Java Cryptography Extension (JCE). JCE enables the more robust encryption required by Kerberos within the Java Authentication and Authorization Service (JAAS). The JCE that needs to be installed is specific to the version of Java you are running.
- For Oracle JDK 1.8:
http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html - For Oracle JDK 1.7:
http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
JAAS (Java Authentication and Authorization Service)
This is a Java-specific API that interacts with SASL but is distinct from it. The Zookeeper integration described here uses the JAAS configuration file format and the SASL APIs. There is no additional dependencies needed to use JAAS since it has been part of the the Java Standard Edition since 1.4.