How to implement JAAS in J2EE

Hi All,
I need to implement the Windows based authentication system to an intranet based application. In other words, the user should be allowed to log into the application with their Windows username and password, so that the application doesn't need to store a different password, and the application will leave the process of authentication to the Windows operating system.
Thanks in advance

Can anybody tell me will it work or not?

Similar Messages

  • How to implement JAAS?

    Hi all,
    I'm building a web application using JSP and Servlet, and I want to design a login page where users enter their name and password. I heard that if I want to design that page I need to implement JAAS (Java Authentication and Authorization Service). Please help me to do that and give me code, links, or articles that talk about designing login pages.
    Thanks,

    Some examples to help you get started...
    Extracts from web.xml
        <!-- My App uses Struts - declare the struts action servlet -->
        <servlet> 
            <servlet-name>action</servlet-name>
            <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
            <init-param>
                <param-name>config</param-name>
                <param-value>/WEB-INF/config/struts/struts-config.xml</param-value>
            </init-param>
            <init-param>
                <param-name>debug</param-name>
                <param-value>2</param-value>
            </init-param>
            <init-param>
                <param-name>detail</param-name>
                <param-value>2</param-value>
            </init-param>
            <load-on-startup>2</load-on-startup>
            <security-role-ref>
                <role-name>member</role-name>
                <role-link>member</role-link>        
            </security-role-ref>
        </servlet>
        <!-- Standard Action Servlet Mapping -->
        <servlet-mapping>
            <servlet-name>action</servlet-name>
            <url-pattern>*.do</url-pattern>
        </servlet-mapping>
        <security-constraint>
            <!-- Member pages can only be accessed by 'members' -->    
            <web-resource-collection>
                <web-resource-name>Member Pages</web-resource-name>
                <url-pattern>/members/*</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>                              
            </web-resource-collection>
            <auth-constraint>
                <role-name>member</role-name>
            </auth-constraint>       
            <!-- Forces SSL -->
            <user-data-constraint>           
                <transport-guarantee>CONFIDENTIAL</transport-guarantee>           
            </user-data-constraint>   
        </security-constraint>
        <!-- Specify Form Based Authentication -->
        <login-config>
            <auth-method>FORM</auth-method>       
            <form-login-config>
                <form-login-page>/displayLogin.do</form-login-page>
                <form-error-page>/displayLoginError.do</form-error-page>
            </form-login-config>
        </login-config>
        <security-role>
            <role-name>member</role-name>
        </security-role>
    Login JSP (Uses Struts specific tags which can be ignored)
    <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
    <%@ taglib prefix="html" uri="http://struts.apache.org/tags-html-el" %>
    <%@ taglib prefix="bean" uri="http://struts.apache.org/tags-bean-el" %>
    <form name="LoginForm" action="j_security_check" method="post">
         <table class="TwoColumnForm">     
            <tr>
                <th><bean:message key="user.username"/></th>
                <td><input type="text" name="j_username" class="Required" size="32" maxlength="32"/></td>
            </tr>
            <tr>
                <th><bean:message key="user.password"/></th>
                <td><input type="password" name="j_password" class="Required" size="32" maxlength="32"/></td>
            </tr>        
             <tr>
                 <td class="Buttons" colspan="2">
                     <html:image styleClass="Button" property="buttons.submit" pageKey="common.img.ok_button.src" alt="common.img.ok_button.alt"/>
                     <html:link page="/displayMain.do"><html:img styleClass="Button" pageKey="common.img.cancel_button.src" altKey="common.img.cancel_button.alt"/></html:link>
                 </td>
             </tr>        
         </table>
    </form>
    Configure Tomcat to use custom JAAS login module - add the following to context.xml in META-INF
    <Context reloadable="true">
         <!-- Realms -->
         <Realm className="org.apache.catalina.realm.JAASRealm" appName="MyApp" userClassNames="com.myapp.security.jaas.CustomUserPrincipal"
              roleClassNames="com.myapp.security.jaas.CustomRolePrincipal" debug="1"/>
         <!-- Monitored Resources -->
         <WatchedResource>META-INF/context.xml</WatchedResource>     
         <WatchedResource>WEB-INF/web.xml</WatchedResource>
    </Context>
    Create a file called jaas.config
    MyApp {
        com.myapp.security.jaas.CustomLoginModule required;
    };
    Specify the jaas.config file as a system property when you start your app server
    -Djava.security.auth.login.config=="C:/Projects/MyApp/jaas.config"
    Implement the CustomLoginModule, CustomUserPrincipal and CustomRolePrincipal as shown in the Sun tutorials
    These classes need to be deployed where your application server can find them when it starts up, i.e. outside of your WEB-INF/classes and WEB-INF/lib
    You can implement the CustomLoginModule how you like, but if your application maintains its own user database it may get a bit messy - I didn't like the idea of the app server interrogating my application database and becoming responsible for the login logic (e.g. lock the account after 3 incorrect attempts etc). For this reason my CustomLoginModule (running in Tomcat) invokes a remote login method in my web app over RMI. The login method returns a User object if successful which is added to the CustomUserPrincipal so it can be retrieved in the web-app.
    Not the nicest of designs I admit. If anyone can suggest a better approach I'd be glad to hear it. I'm also not a JAAS expert. My app is just for testing out things I'm interested in, it's quite possible I may have misunderstood something along the way.
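
A minimal login module for the JAASRealm setup in the answer above, showing the login/commit/abort contract and the three-attempt lock the poster mentions; it is an added illustration, not the poster's code. The class names and the "member" role come from the post; the in-memory user "alice", the fixed salt, the PBKDF2 parameters and the single-file layout are constructed for the example (the poster's module calls the web app over RMI instead).

```java
package com.myapp.security.jaas;

import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

// Principal types named in the JAASRealm attributes; same file for brevity (records: Java 16+).
record CustomUserPrincipal(String name) implements Principal { public String getName() { return name; } }
record CustomRolePrincipal(String name) implements Principal { public String getName() { return name; } }

public class CustomLoginModule implements LoginModule {
    private static final int MAX_FAILURES = 3;    // lock the account after 3 incorrect attempts
    private static final byte[] SALT = "constructed-salt".getBytes(StandardCharsets.UTF_8);
    // Constructed sample store (user -> PBKDF2 hash); a real module would query the user database.
    private static final Map<String, byte[]> USERS = new ConcurrentHashMap<>();
    private static final Map<String, Integer> FAILURES = new ConcurrentHashMap<>();
    static { USERS.put("alice", hash("constructed-demo-password".toCharArray())); }

    private Subject subject;
    private CallbackHandler handler;
    private String user;                          // set only when login() succeeds
    private Principal userPrincipal, rolePrincipal;

    static byte[] hash(char[] password) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(new PBEKeySpec(password, SALT, 100_000, 256)).getEncoded();
        } catch (GeneralSecurityException e) { throw new IllegalStateException(e); }
    }

    @Override public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        subject = s; handler = h;
    }

    @Override public boolean login() throws LoginException {
        NameCallback name = new NameCallback("username");
        PasswordCallback pass = new PasswordCallback("password", false);
        try {
            handler.handle(new Callback[] { name, pass });   // the realm's handler supplies both values
        } catch (java.io.IOException | UnsupportedCallbackException e) { throw new LoginException(e.toString()); }
        String candidate = name.getName();
        char[] password = pass.getPassword();
        pass.clearPassword();
        if (candidate == null || password == null) throw new FailedLoginException("missing credentials");
        byte[] actual = hash(password);               // hash even for unknown users: similar timing
        Arrays.fill(password, '\0');
        if (FAILURES.getOrDefault(candidate, 0) >= MAX_FAILURES) throw new AccountLockedException("locked");
        byte[] expected = USERS.get(candidate);
        if (expected == null || !MessageDigest.isEqual(expected, actual)) {
            if (expected != null) FAILURES.merge(candidate, 1, Integer::sum);
            throw new FailedLoginException("invalid username or password");
        }
        FAILURES.remove(candidate);
        user = candidate;
        return true;
    }

    @Override public boolean commit() {
        if (user == null) return false;               // login() failed in this module: add nothing
        userPrincipal = new CustomUserPrincipal(user);
        rolePrincipal = new CustomRolePrincipal("member");   // role name declared in web.xml
        subject.getPrincipals().addAll(Arrays.asList(userPrincipal, rolePrincipal));
        return true;
    }

    @Override public boolean abort() { return user != null && logout(); }
    @Override public boolean logout() {
        if (userPrincipal != null) subject.getPrincipals().removeAll(Arrays.asList(userPrincipal, rolePrincipal));
        user = null;
        userPrincipal = rolePrincipal = null;
        return true;
    }
}
```

The failure counter lives in memory, so it resets on restart and is not shared between cluster nodes; a persistent store is needed for a lock that survives both.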

  • How to implement JAAS With Weblogic 10.3

    I am working on a migration project. A project is to be migrated from JBOSS to Weblogic 10.3. JAAS has been used in JBOSS for security purpose.
    Required classes like LoginModule, CallBackHandler are customized and put into a jar file. Next a Login page has been created with action=”j_security_check”, which is supposed to be called whenever protected resource has been requested. In web.xml Roles and Policies are defined. There is a jboss-web.xml in which roles are mentioned. In web.xml
    There is a login-config.xml that has been put into Jboss server classpath. In this file, some sql queries are there.
    In weblogic I am not able to understand that how to configure this login-config, how to map roles and policies. Exactly I am not able to find what are the steps needed to implement this JAAS in weblogic10.3. I also tried using the Read-Only SQL Authenticator Provider under security Realms but not sure how to use groups, because I have no Group related tables in my DB.
    Kindly anyone share the knowledge.

    Hi,
    I also want to do the same thing. Did you get any solution for this problem. If yes then please share it with me. I am struggling with this.
    Thanks,
    Sanjay

  • How to do JAAS and J2EE Deployment Descriptor ACL in WLS

    The examples on this website and shipped with WLS stink. Does there exist a GOOD
    example of how to
    Log in with a form
    authenticate (I guess using j_security_check to hook into the web.xml security)
    then pull a user from a database and use the roles defined there for authorization
    in the rest of the system?
    The weblogic examples are from java clients to RMI (ya, that's handy). They also
    sit alone. They don't say how to hook them into weblogic. They say to use JAAS
    but they have just JAAS examples! No hooking of it into an EJB, servlet, etc!
    They also don't show how to hook that code into WLS to use it as your security
    module!
    Help, I'm at a loss.
    They recommend using JAAS but their documentation and examples of doing so suck
    or are nonexistent. We have a complex real world product and need examples of
    the same. Stupid, stand alone examples that teach nothing do not help.
    frustrated at BEA for their poor documentation and support,
    Mike

    Also, I use struts....
    In struts you have to extend the Action class which then calls the perform()
    method on your servlet.
    So to call an EJB I have to have my servlet implement PrivilegedAction?
    If so, then this wants a run() method. Struts calls perform so that means
    I'm going to have to make another class to call from my servlet with a run
    method()? Or I'm going to have my servlet implement PrivilegedAction and
    call Security.runAs()?
    What if I just want to call the EJB from my servlet and put my security
    credentials in the JNDI lookup? I want the container to use the roles of the
    user in the JNDI lookup to authorize methods based on the deployment
    descriptors.
    thanks,
    Mike
    "Vimala Ranganathan" <[email protected]> wrote in message
    news:[email protected]...
    Hi Michael,
    Attached is an example of JAAS login and invoking an EJB.
    Let me know if this turns out to be useful.
    Regarding the form based authentication, could you be more clear on what issue you are facing?
    Just as a note, when you use form based login, WLS would authenticate the user against the realm WLS is set up for, which could be a file Realm, or a RDBMS realm (in which case users and groups are from database).
    Roles cannot be defined at the database level. This needs to be at application level, which you can define in web.xml or console (in 7.0).
    If you need any specific help or more information please let me know.
    Vimala
    Michael Lee wrote:
    The examples on this website and shipped with WLS stink. Does there exist a GOOD
    example of how to
    Log in with a form
    authenticate (I guess using j_security_check to hook into the web.xml security)
    then pull a user from a database and use the roles defined there for authorization
    in the rest of the system?
    The weblogic examples are from java clients to RMI (ya, that's handy). They also
    sit alone. They don't say how to hook them into weblogic. They say to use JAAS
    but they have just JAAS examples! No hooking of it into an EJB, servlet, etc!
    They also don't show how to hook that code into WLS to use it as your security
    module!
    Help, I'm at a loss.
    They recommend using JAAS but their documentation and examples of doing so suck
    or are nonexistent. We have a complex real world product and need examples of
    the same. Stupid, stand alone examples that teach nothing do not help.
    frustrated at BEA for their poor documentation and support,
    Mike

  • How to do JAAS and J2EE Deployment Descriptor ACL : Please help

    I am trying to develop a Single sign on application using EJB's, JAAS,
    ACL, struts and JSP to Log in with a form authenticate (using
    j_security_check to hook into the web.xml security) then pull a user
    from a database and use the roles defined there for authorization in
    the rest of the system?
    The examples on the web are from java clients to RMI, they also sit
    alone. They don't say how to hook them into weblogic. They say to use
    JAAS but they have just JAAS examples! No hooking of it into an EJB,
    servlet, etc! They also don't show how to hook that code into web
    server to use it as your security module!
    What Settings/configuration I need to make in the web server for JAAS
    to work. How the logic proceeds to authorization after form is
    submitted using j_security_check. and to further logic in the
    application. How is it then integrated with the Struts action forms.
    Help, I'm at a loss. They recommend using JAAS but their documentation
    and examples do not explain how. We have a complex real world product
    and need examples of
    the same. Can somebody provide me a working real-life example which
    really work and give me some pointers to proceeds that will be really
    helpful.
    Thanks in advance for the help.


  • How to implement JAAS authorization with the weblogic 8.1 server

    I wrote a code for both the authentication as well as authorization using JAAS, using the config file and the policy file.
    This code works fine stand alone for the authentication as well as authorization.
    But when I run this code inside the server (Weblogic 8.1), authorization does not work according to my policy file. I have given the policy file path in the startWeblogicServer.cmd script. I have even tried to work with my policies in the java.policy file by giving its path in the java.security file, but this is also useless.
    Now, I have a doubt that either JAAS authorization doesn't work with weblogic (I am using 8.1) or there is some configuration setting missing from my side.
    Is there anybody who can help me to come out of this problem? Or tell me an authorization alternative in weblogic. I will really appreciate it if anyone can help with some example code.

    read this
    http://www.onjava.com/pub/a/onjava/excerpt/weblogic_chap17/index.html
    http://www.onjava.com/pub/a/onjava/excerpt/weblogic_chap17/index1.html

  • How to implement the FCKeditor in the WPC

    Hi all,
    can anyone tell me how to implement the FCKeditor in the Web Page Composer?
    I failed to implement TinyMCE because of the domain relaxing thing...
    Thanks a lot
    Steffi


  • How to implement the pagination  in the entity bean?

    How to implement the pagination in the entity bean? Could the rownum and subquery be used in the EJB QL?
    Would you mind giving me some methods to implement it?

    It's one of J2EE Patterns - Value List Handler.
    http://java.sun.com/blueprints/corej2eepatterns/Patterns/ValueListHandler.html
    Here is some implementation.
    http://valuelist.sourceforge.net/
    and some article
    http://www.devx.com/Java/Article/21383
    Just google "J2EE paging"

  • How to implement command pattern into BC4J framework?

    How to implement command pattern into BC4J framework? Does BC4J only support AIDU (insert, update, delete, query) functions? Could it support execute functions like salary calculation in an HR system or posting in a GL (general ledger) system? May I create a java object named salaryCalc which uses view objects to get the salary by employee and then writes it to the database?
    Thanks.

    BC4J makes it easy to support the command pattern, right out of the box.
    You can write a custom method on your application module class, then visit the application module wizard and see the "Client Methods" tab to select which custom methods should be exposed for invocation as task-specific commands by clients.
    BC4J is not only for Insert,Update,Delete style applications. It is a complete application framework that automates most of the typical things you need to do while building J2EE applications. You can have a read of my Simplifying J2EE and EJB Development Using BC4J whitepaper to read up on an overview of all the basic J2EE design patterns that the framework implements for you.
    Let us know if you have more specific questions on how to put the framework into practice.

  • Help:How can I run the J2EE Client Application? Thanks

    Help: How can I run the J2EE Client Application that will access the remote J2EE1.4 application server which runs on another host computer?
    I have developed a stateless enterprise java bean named converter and deployed it in the j2ee1.4 application server on the host machine A. The converter bean provides the remote home interface and remote interface. At the same time I have developed the j2ee application client named convertappclient. When I access the converter bean at host computer A through the script 'appclient.bat' as 'appclient -client convertappclient.jar', the client can access the bean successfully. Now I want to access the bean through the script 'appclient.bat' at host computer B; what files should I copy from host computer A to host computer B, and what should the command line be like? Thanks!
    The following are the code of the enterprise java bean and its home interface.
    The client code is also provided.
    The enterprise java bean:
        package converter;

        import java.rmi.RemoteException;
        import javax.ejb.SessionBean;
        import javax.ejb.SessionContext;
        import java.math.*;

        public class ConverterBean implements SessionBean {
            BigDecimal yenRate = new BigDecimal("121.6000");
            BigDecimal euroRate = new BigDecimal("0.0077");

            public ConverterBean() {}

            // Business methods exposed through the remote interface.
            public BigDecimal dollarToYen(BigDecimal dollars) {
                BigDecimal result = dollars.multiply(yenRate);
                return result.setScale(2, BigDecimal.ROUND_UP);
            }

            public BigDecimal yenToEuro(BigDecimal yen) {
                BigDecimal result = yen.multiply(euroRate);
                return result.setScale(2, BigDecimal.ROUND_UP);
            }

            // Container lifecycle callbacks; nothing to do in this bean.
            public void ejbCreate() {}
            public void ejbRemove() {}
            public void ejbActivate() {}
            public void ejbPassivate() {}
            public void setSessionContext(SessionContext sc) {}
        }
    The bean's remote home interface:
        package converter;

        import java.rmi.RemoteException;
        import javax.ejb.CreateException;
        import javax.ejb.EJBHome;

        public interface ConverterHome extends EJBHome {
            Converter create() throws RemoteException, CreateException;
        }
    The bean's remote interface:
        package converter;

        import javax.ejb.EJBObject;
        import java.rmi.RemoteException;
        import java.math.*;

        public interface Converter extends EJBObject {
            public BigDecimal dollarToYen(BigDecimal dollars) throws RemoteException;
            public BigDecimal yenToEuro(BigDecimal yen) throws RemoteException;
        }
    The j2ee application client:
        import converter.Converter;
        import converter.ConverterHome;
        import javax.naming.Context;
        import javax.naming.InitialContext;
        import javax.rmi.PortableRemoteObject;
        import java.math.BigDecimal;

        public class ConverterClient {
            public static void main(String[] args) {
                try {
                    Context initial = new InitialContext();
                    System.setProperty("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
                    System.setProperty("java.naming.provider.url", "jnp://10.144.97.250:3700");
                    // Look up the bean's home interface through the client's JNDI environment.
                    Context myEnv = (Context) initial.lookup("java:comp/env");
                    Object objref = myEnv.lookup("ejb/SimpleConverter");
                    ConverterHome home =
                        (ConverterHome) PortableRemoteObject.narrow(objref,
                            ConverterHome.class);
                    Converter currencyConverter = home.create();
                    BigDecimal param = new BigDecimal("100.00");
                    BigDecimal amount = currencyConverter.dollarToYen(param);
                    System.out.println(amount);
                    amount = currencyConverter.yenToEuro(param);
                    System.out.println(amount);
                    System.exit(0);
                } catch (Exception ex) {
                    System.err.println("Caught an unexpected exception!");
                    ex.printStackTrace();
                }
            }
        }

    Surprisingly I find an upsurge in the number of posts with this same problem. I recently found a post which gave a nice link for this. Follow the steps and it should help:
    http://docs.sun.com/source/819-0079/dgacc.html#wp1022105

  • Implementing JAAS for NTLoginModule

    Hi,
    When I am trying to implement JAAS for NTLoginModule, it is directly validating the NTSystem user.
    It is going to the required page.
    It is not prompting me for UserName and Password. How can I set the options so that it should ask me for UserName and Password? By taking those inputs it should cross check with the NTSystem userid and password.
    If I try SampleLoginModule, it asks for username and password and validating with the username and password works fine.
    Can any one please ....
    warm regards,
    bill

    hi,
    can any one pls.....
    warm regards,
    bill

  • How to Implement BW in IT Service Desk/IT Help Desk /IT Complain Surveillance Dept/IT Customer Support Dept?

    Hi
    If an organization has 200 to 300 daily complaints about their IT equipment/Software/Network etc.
    How to Implement BW in IT Service Desk/IT Help Desk /IT Complain Surveillance Dept/IT Customer Support Dept?
    Is there any standard DataSources/InfoObjects/DSOs/InfoCubes etc. available in SAP BI Content?

    Imran,
    The point I think was to ensure that you knew exactly what was required. A customer service desk can have many interpretations from a BI perspective.
    You could have :
    1. Operational reports - calls attended per shift , Average number of calls per person , Seasonality in the calls coming in etc
    2. Analytic views - Utilization of resources , Average call time and trending , customer satisfaction , average wait time
    3. Strategic - Call volumes corresponding to campaigns etc , Employee churn and related call times
    Based on these you would then have to construct your models which would be populated by data from the MySQL instance for you to report.
    Else if you have BWA you could have data discovery instead, or if you have HANA you could do even more, and if you have a HANA sidecar you technically don't need BW. The possibilities are virtually endless - it depends on how you want to drive it and how the end user (client) sees value in the same.

  • How to implement implicit and explicit enhancement points

    Hi,
    Can anybody please provide some technical aspects of enhancement spots? I have gone through several SAP sites and the help portal but have not got much technical information (how to implement, or related t-codes). Please do not provide links to read theories.
    Rgds
    sudhanshu

    Hi,
    Refer to this link...
    http://help.sap.com/saphelp_nw2004s/helpdata/en/5f/103a4280da9923e10000000a155106/content.htm

  • How many types of authentications in sharepoint and how to implement those authentication in sharepoint?

    Hi All,
    How many types of authentications in sharepoint and how to implement those authentication in sharepoint?
    can any one explain the above things with examples?
    Thanks in Advance!

    In addition to A Sai Gunaranjan you can also check this URL for SharePoint 2010:
    http://technet.microsoft.com/en-us/library/cc288475(v=office.14).aspx
    http://www.codeproject.com/Tips/382312/SharePoint-2010-Form-Based-Authentication

  • How to Implement custom share functionality in SharePoint 2013 document Lib programmatically?

    Hi,
    I have created custom action for Share functionality in document library.
    On Share action I'm showing Model pop up with Share form with additional functionality.
    I am developing custom share functionality because there is some additional functionality related to this.
    How to Implement custom share functionality in SharePoint 2013 document Lib programmatically?
    Regards,
    - Siddhehswar

    Hi Siddhehswar:
    I would suggest that you use the Ribbon. Because this is a flexible way for SharePoint. In my project experience, I always suggest my customers to use it. In the future, if my customers have customization about permission then I can accomplish this as soon as possible. Simply put, I utilize this perfect mechanism to resolve our complex project requirement. Maybe we customize Upload/ Edit/ Modify/ Barcode/ Send mail etc... For example:
    We customize <Edit> Ribbon. As shown below.
    When user click <Edit Item>, the system will render customized pop up window.
    Will
