How to implement JAAS?�?

Hi all,
I'm building a web application using JSP and Sevlet, and I want to design a login page where users enter their name and pass. I heared that if I want to design that page I need to implement JAAS (Java Authentication and Authorization Service) please help me to do that and give me code, links, or articles that talk about design login pages.
thanx,

Some examples to help you get started...
Extracts from web.xml
    <!-- My App uses Struts - declare the struts action servlet -->
    <servlet> 
        <servlet-name>action</servlet-name>
        <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
        <init-param>
            <param-name>config</param-name>
            <param-value>/WEB-INF/config/struts/struts-config.xml</param-value>
        </init-param>
        <init-param>
            <param-name>debug</param-name>
            <param-value>2</param-value>
        </init-param>
        <init-param>
            <param-name>detail</param-name>
            <param-value>2</param-value>
        </init-param>
        <load-on-startup>2</load-on-startup>
        <security-role-ref>
            <role-name>member</role-name>
            <role-link>member</role-link>        
        </security-role-ref>
    </servlet>
    <!-- Standard Action Servlet Mapping -->
    <servlet-mapping>
        <servlet-name>action</servlet-name>
        <url-pattern>*.do</url-pattern>
    </servlet-mapping>
    <security-constraint>
        <!-- Member pages can only be accessed by 'members' -->    
        <web-resource-collection>
            <web-resource-name>Member Pages</web-resource-name>
            <url-pattern>/members/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>                              
        </web-resource-collection>
        <auth-constraint>
            <role-name>member</role-name>
        </auth-constraint>       
        <!-- Forces SSL -->
        <user-data-constraint>           
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>           
        </user-data-constraint>   
    </security-constraint>
    <!-- Specify Form Based Authentication -->
    <login-config>
        <auth-method>FORM</auth-method>       
        <form-login-config>
            <form-login-page>/displayLogin.do</form-login-page>
            <form-error-page>/displayLoginError.do</form-error-page>
        </form-login-config>
    </login-config>
    <security-role>
        <role-name>member</role-name>
    </security-role>
Login JSP (Uses Struts specific tags which can be ignored)
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="html" uri="http://struts.apache.org/tags-html-el" %>
<%@ taglib prefix="bean" uri="http://struts.apache.org/tags-bean-el" %>
<form name="LoginForm" action="j_security_check" method="post">
     <table class="TwoColumnForm">     
        <tr>
            <th><bean:message key="user.username"/></th>
            <td><input type="text" name="j_username" class="Required" size="32" maxlength="32"/></td>
        </tr>
        <tr>
            <th><bean:message key="user.password"/></th>
            <td><input type="password" name="j_password" class="Required" size="32" maxlength="32"/></td>
        </tr>        
         <tr>
             <td Class="Buttons" colspan="2">
                 <html:image styleClass="Button" property="buttons.submit" pageKey="common.img.ok_button.src" alt="common.img.ok_button.alt"/>
                 <html:link page="/displayMain.do"><html:img styleClass="Button" pageKey="common.img.cancel_button.src" altKey="common.img.cancel_button.alt"/></html:link>
             </td>
         </tr>        
     </table>
<form>
Configure Tomcat to use custom JAAS login module - add the following to context.xml in META-INF
<Context reloadable="true">
     <!-- Realms -->
     <Realm className="org.apache.catalina.realm.JAASRealm" appName="MyApp" userClassNames="com.myapp.security.jaas.CustomUserPrincipal"
          roleClassNames="com.myapp.security.jaas.CustomRolePrincipal" debug="1"/>
     <!-- Monitored Resources -->
     <WatchedResource>META-INF/context.xml</WatchedResource>     
     <WatchedResource>WEB-INF/web.xml</WatchedResource>
</Context>
Create a file called jaas.config
MyApp
    com.myapp.security.jaas.CustomLoginModule required;
Specify the jaas.config file as a system property when you start you app server
-Djava.security.auth.login.config=="C:/Projects/MyApp/jaas.config"[b]Implement the CustomLoginModule, CustomUserPrincipal and CustomRolePrincipal as shown in the sun tutorials
These classes need to be deployed where your application server can find them when it starts up, i.e. outside of your WEB-INF/classes and WEB-INF/lib
You can implement the CustomLoginModule how you like, but if your application maintains it's own user database it may get a bit messy - I didn't like the idea of the app server interogating my application database and becoming responsible for the login logic (e.g. lock the account after 3 incorrect attempts etc). For this reason my CustomLoginModule (running in Tomcat) invokes a remote login method in my web app over RMI. The login method return a User object if successful which is added to the CustomUserPrincipal so it can be retrieved in the web-app.
Not the nicest of designs I admit. If anyone can suggest a better approach I'd be glad to hear it. I'm also not a JAAS expert. My app is just for testing out things I'm interested in, it's quite possible I may have misunderstood something along the way.

Similar Messages

  • How to implement JAAS With Weblogic 10.3

    I am working on a migration project. A project is to be migrated from JBOSS to Weblogic 10.3. JAAS has been used in JBOSS for security purpose.
    Required classess like LoginModule, CallBackHandler are customized and put into a jar file. Next a Login page has been created with action=”j_security_check”, which is supposed to be called whenever protected resource has been requested. In web.xml Roles and Policies are defined. There is a jboss-web.xml in which roles are mentioned. In web.xml
    There is a login-config.xml that has been put into Jboss server classpath. In this file, some sql queries are there.
    In weblogic I am not able to understand that how to configure this login-config, how to map roles and policies. Exactly I am not able to find what are the steps needed to implement this JAAS in weblogic10.3. I also tried using the Read-Only SQL Authenticator Provider under security Realms but not sure how to use groups, because I have no Group related tables in my DB.
    Kindly anyone share the knowledge.

    Hi,
    I also want to do the same thing. Did you get any solution for this problem. If yes then please share it with me. I am struggling with this.
    Thanks,
    Sanjay

  • How to implement JAAS authorization with the weblogic 8.1 server

    i wrote a code for both the authentication as well as authorization using jaas using the config file and the policy file.
    This code works fine stand alone for the authentication as well as authorization.
    But when i runs this code inside the server (Weblogic 8.1), authorization deos not works according to my policy file. i have given the policy file path in the startWeblogicServer.cmd script. even i have tried to work with my policies in the java.policy file by giving its path in the java.security file. but this is also useless.
    Now, i have doubt that either <b>jaas authorization doesn't work with the weblogic</b>(i am using 8.1) or there is some configuration setting is missing from my side.
    Is there anybody who can help me to come out of this problem. Or tell me authorization alternative in the weblogic. I will really appreciate if anyone can help with the some example code.

    read this
    http://www.onjava.com/pub/a/onjava/excerpt/weblogic_chap17/index.html
    http://www.onjava.com/pub/a/onjava/excerpt/weblogic_chap17/index1.html

  • How to implement JAAS in J2EE

    Hi All,
    I need to implement the windows based authentication system to an intranet based application. In other words, the user should be allowed to log into the application with their windows username and password, so that the application does'nt need store a different password, and the application will leave the process of authentication to the Windows operating system.
    Thanx in advance

    Can anybody tell me will it work or not?

  • Implementing JAAS for NTLoginModule

    Hi,
    when i am trying to implement JAAS for NTLoginModule , it is directly validating the NTSystem user.
    It is going to the required page.
    it is not prompting me for UserName and Password. how can i set the options so that it should ask me UserName and Password. by taking those inputs it should cross check with NTSystem userid and password .
    if i am trying for SampleLoginmodule it is asking for username and password and validating with the username and password working fine.
    Can any one please ....
    warm regards,
    bill

    hi,
    can any one pls.....
    warm regards,
    bill

  • How to Implement BW in IT Service Desk/IT Help Desk /IT Complain Surveillance Dept/IT Customer Support Dept?

    Hi
    If a organization have 200 to 300 daily complains of there IT equipment/Software/Network e.t.c.
    How to Implement BW in IT Service Desk/IT Help Desk /IT Complain Surveillance Dept/IT Customer Support Dept?
    Is there any standard DataSources/InfoObjects/DSOs/InfoCubes etc. available in SAP BI Content?

    Imran,
    The point I think was to ensure that you knew exactly what was required. A customer service desk can have many interpretations from a BI perspective.
    You could have :
    1. Operational reports - calls attended per shift , Average number of calls per person , Seasonality in the calls coming in etc
    2. Analytic views - Utilization of resources , Average call time and trending , customer satisfaction , average wait time
    3. Strategic - Call volumes corresponding to campaigns etc , Employee churn and related call times
    Based on these you would then have to construct your models which would be populated by data from the MySQL instance for you to report.
    Else if you have BWA you could have data discovery instead or if you have HANA - you could do even more and if you have a HANA sidecar - you technically dont need BW. The possibilities are virtually endless - it depends on how you want to drive it and how the end user ( client ) sees value in the same.

  • How to implement implicit and explicit enhancement points

    Hi,
    Can anybody please provide some technical aspects of enhancement spots. I have gone through several sap sites and help poratl but have not get much technical things (how to implement or related t codes). please do not provide link to read theories.
    Rgds
    sudhanshu

    Hi,
    Refer to this link...
    http://help.sap.com/saphelp_nw2004s/helpdata/en/5f/103a4280da9923e10000000a155106/content.htm

  • How many types of authentications in sharepoint and how to implement those authentication in sharepoint?

    Hi All,
    How many types of authentications in sharepoint and how to implement those authentication in sharepoint?
    can any one explain the above things with examples?
    Thanks in Advance!

    In addition to
    A Sai Gunaranjan you can also check this URL for Sharepoint 2010:
    http://technet.microsoft.com/en-us/library/cc288475(v=office.14).aspx
    http://www.codeproject.com/Tips/382312/SharePoint-2010-Form-Based-Authentication
    ***If my post is answer for your query please mark as answer***
    ***If my answer is helpful please vote***

  • How to Implement custom share functionality in SharePoint 2013 document Lib programmatically?

    Hi,
    I have created custom action for Share functionality in document library.
    On Share action i'm showing Model pop up with Share form with addition functionality.
    I am developing custom share functionality because there is some addition functionality related to this.
    How to Implement custom share functionality in SharePoint 2013  document Lib pro-grammatically?
    Regards,
    - Siddhehswar

    Hi Siddhehswar:
    I would suggest that you use the
    Ribbon. Because this is a flexible way for SharePoint. In my project experience, I always suggest my customers to use it. In the feature, if my customers have customization about permission then i can accomplish this as soon
    as possible. Simple put, I utilize this perfect mechanism to resolve our complex project requirement. Maybe we customize Upload/ Edit/ Modify/ Barcode/ Send mail etc... For example:
    We customize <Edit> Ribbon. As shown below.
    When user click <Edit Item>, the system will
    render customized pop up window.
    Will

  • Can't Figure Out How To Implement IEnumerable T

    I have no problem implementing IEnumerable but can't figure out how to implement IEnumerable<T>. Using the non-generic ArrayList, I have this code:
    class PeopleCollection : IEnumerable
    ArrayList people = new ArrayList();
    public PeopleCollection() { }
    public IEnumerator GetEnumerator()
    return people.GetEnumerator();
    class Program
    static void Main(string[] args)
    PeopleCollection collection = new PeopleCollection();
    foreach (Person p in collection)
    Console.WriteLine(p);
    I'm trying to do the same thing (using a List<Person> as the member variable instead of ArrayList) but get compile errors involving improper return types on my GetEnumerator() method. I start out with this:
    class PeopleCollection : IEnumerable<Person>
    List<Person> myPeople = new List<Person>();
    public PeopleCollection() { }
    public IEnumerator<Person> GetEnumerator()
    throw new NotImplementedException();
    IEnumerator IEnumerable.GetEnumerator()
    throw new NotImplementedException();
    class Program
    static void Main(string[] args)
    // Create a PeopleCollection object.
    PeopleCollection peopleCollection = new PeopleCollection();
    // Iterate over the collection.
    foreach (Person p in peopleCollection)
    Console.WriteLine(p);
    Console.ReadLine();
    That code compiles (basically because I haven't really done anything yet), but I get compile errors when I try to implement the GetEnumerator() methods.

    The List<T> class implements the IEnumerable<T> interface, so your enumerator can return the GetEnumerator call from the list.
    class PeopleCollection : IEnumerable<Person>
    List<Person> myPeople = new List<Person>();
    public PeopleCollection() { }
    public IEnumerator<Person> GetEnumerator()
    return myPeople.GetEnumerator();
    IEnumerator IEnumerable.GetEnumerator()
    return myPeople.GetEnumerator();
    class Program
    static void Main(string[] args)
    // Create a PeopleCollection object.
    PeopleCollection peopleCollection = new PeopleCollection();
    // Iterate over the collection.
    foreach (Person p in peopleCollection)
    Console.WriteLine(p);
    Console.ReadLine();

  • How to implement Tool TIP in Table Control

    Hello Everyone,
    Can you please tell me how to implement a tooltip messages in table control columns.
    The Tooltip contains a simple message like "Doublde click on column.
    Thanks in advance.
    Edited by: Suruchi Razdan on Jun 6, 2011 7:57 AM

    Hello,
    In table Control->first Header Row has chance to maintain the Tooltip option.
    In table control columns maintain Double click options in attributes .
    Regards,
    Praveen

  • How to implement a java class in my form .

    Hi All ,
    I'm trying to create a Button or a Bean Area Item and Implement a class to it on the ( IMPLEMENTATION CLASS ) property such as ( oracle.forms.demos.RoundedButton ) class . but it doesn't work ... please tell me how to implement such a class to my button .
    Thanx a lot for your help.
    AIN
    null

    hi [email protected]
    tell me my friend .. how can i extend
    the standard Forms button in Java ? ... what is the tool for that ... can you explain more please .. or can you give me a full example ... i don't have any expereience on that .. i'm waiting for your reply .
    Thanx a lot for your cooperation .
    Ali
    <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by [email protected]:
    Henrik, the Java importer lets you call Java classes on the app server side - I think what Ali is trying to do is integrate on the client side.
    If you want to add your own button then if you extend the standard Forms button in Java and then use this class name in the implementation class property then the Java for your button will be used instead of the standard Forms button. And since it has extended the basic Forms button it has all the standard button functionality.
    There is a white paper on OTN about this and we have created a new white paper which will be out in a couple of months (I think).
    Regards
    Grant Ronald<HR></BLOCKQUOTE>
    null

  • How to implement a file system in my app?

    How to implement a file system in my app? So that we can connect to my iPhone via Finder->Go->Connect to Server. And my iPhone will show as a shared disk. Any ideas about it? Thanks.

    Hi Rain--
    From webdav.org:
    DAV-E is a WebDAV client for iPhone, with free and full versions. It provides remote file browsing via WebDAV, and can be used to upload pictures taken with the iPhone.
    http://greenbytes.de/dav-e.html
    http://www.greenbytes.de/tech/webdav/
    Hope this helps.

  • How to implement remote blob storage in SharePoint 2013

    How to implement remote blob storage in SharePoint 2013 

    Try below:
    http://blogs.technet.com/b/wbaer/archive/2013/05/23/deploying-remote-blob-storage-with-sql-server-2012-alwayson-availability-groups.aspx
    If this helped you resolve your issue, please mark it Answered. You can reach me through http://itfreesupport.com/

  • How to implement tool-tip for the list items for the Choice column in SharePoint 2013

    I had created a simple list with a "Choice" column, i have three entries in my drop-down, 
    First Entry
    Second Entry
    Third Entry.
    If i select any entries in drop-down and hour-over (Second Entry), a
    tool-tip need need to show. 
    Is it possible? If yes how to implement any help will be appreciated.

    Hi,
    We can use JavaScript to achieve it.
    The following code for your reference:
    <script type="text/javascript" src="/sites/DennisSite/Shared%20Documents/js/wz_tooltip.js"></script>
    <script type="text/javascript" src="/sites/DennisSite/Shared%20Documents/js/jquery-1.11.1.min.js"></script>
    <script type="text/javascript">
    $(function () {
    $("select[title='Choice']").change(function(){
    Tip($(this).val());
    $("select[title='Choice']").mouseout(function(){
    UnTip();
    </script>
    Download wz_tooltip.js:
    http://www.walterzorn.de/en/tooltip/tooltip_e.htm#download
    Best Regards
    Dennis Guo
    TechNet Community Support

Maybe you are looking for