JAAS Pluggable Login Module

Subject: JAAS Pluggable Login Module
Author: authen
In response to: The Beauty of JAAS
Posted on: 10/20/2012 12:44:52 AM

JAAS implements a Java version of the standard Pluggable Authentication Module (PAM) framework. All login modules are implementing the common interface LoginModule:

                    +---------------+
                    |  LoginModule  | <-- {login,logout,...}
                    +---------------+
                         /       \ 
                        /         \
         +-----------------+    +-----------------+
         | MyLoginModule_1 |    | MyLoginModule_2 |  ...
         +-----------------+    +-----------------+

For example, you can use com.sun.security.auth.module.Krb5LoginModule to handle Kerberos authentication to KDC.

>
> On 10/20/2012 12:42:24 AM authen wrote:

The beauty of JAAS is attributed to its simplest layout architecture. No matter how complicated the underlying implementation is, the interface remains essentially the same. Once the JAAS interface is integrated into your business layer, it's a done deal -- regardless of the change and upgrade at the actual authentication layer.

Here is a minimal example to integrate JAAS:
/* JAAS Part I -- Authentication */ LoginContext lc = new LoginContext("myLoginEntity"); try { lc.login(); } catch (LoginException e) { throw e; } /* JAAS Part II -- Authorization */ Subject sub = lc.getSubject(); Subject.doAs(sub, new MyPrivilegedAction());

That's it. Just that simple!

References:

Next Post: Injection of Customized JAAS Login Module authen 10/20/2012 12:48:48 AM
Previous Post: The Beauty of JAAS authen 10/20/2012 12:42:24 AM
Next Topic: How to display line numbers in Eclipse IDE Alex_Raj 10/23/2012 06:56:04 PM
Previous Topic: RequestDispatcher.include vs. RequestDispatcher.forward WebSpider 09/17/2012 02:39:34 PM
Index: by Date
Index: by Topic