The Jaas:java authentication and Authorization Service provides a certification and authorization framework.
This example is the implementation of authentication, JAAS defines the pluggable authentication mechanism, so that the authentication logic independent, you can modify the configuration file to switch the authentication module.
I. Configuration files and Settings
1. Configuration file (assuming d:/jaas.conf): sample{
Com.fastunit.samples.jaas.SampleLoginModule required Debug=false;
};
This file defines a "Sample" validation module, which is validated using Sampleloginmodule.
2. Enable the configuration file:
-djava.security.auth.login.config=d:/jaas.conf
second, the client calls Import Javax.security.auth.login.LoginContext;
Import javax.security.auth.login.LoginException;
Import Javax.servlet.http.HttpServletRequest;
public class Loginmanager {
public static Boolean login (HttpServletRequest request) {
try {
String username = request.getparameter ("username");
String Password = request.getparameter ("password");
The "Sample" authentication module using the configuration file is specified here, and the corresponding implementation class is Sampleloginmodule
LoginContext LC = new LoginContext ("Sample", New Samplecallbackhandler (
Username, password));
Lc.login ();//if validation fails, an exception is thrown
return true;
} catch (Loginexception e) {
E.printstacktrace ();
return false;
} catch (SecurityException e) {
E.printstacktrace ();
return false;
}
}
}
Import java.io.IOException;
Import Javax.security.auth.callback.Callback;
Import Javax.security.auth.callback.CallbackHandler;
Import Javax.security.auth.callback.NameCallback;
Import Javax.security.auth.callback.PasswordCallback;
Import javax.security.auth.callback.UnsupportedCallbackException;
public class Samplecallbackhandler implements CallbackHandler {
Private String username;
private String password;
Public Samplecallbackhandler (final string username, final string password) {
This.username = Username;
This.password = password;
}
public void handle (callback[] callbacks) throws IOException,
unsupportedcallbackexception {
for (int index = 0; index < callbacks.length; index++) {
if (Callbacks[index] instanceof NameCallback) {
NameCallback NCB = (namecallback) Callbacks[index];
Ncb.setname (username);
}
if (Callbacks[index] instanceof PasswordCallback) {
PasswordCallback PCB = (passwordcallback) Callbacks[index];
Pcb.setpassword (Password.tochararray ());
}
}
}
}
third, verification implementation Import java.io.IOException;
Import Java.util.Map;
Import Javax.security.auth.Subject;
Import Javax.security.auth.callback.Callback;
Import Javax.security.auth.callback.CallbackHandler;
Import Javax.security.auth.callback.NameCallback;
Import Javax.security.auth.callback.PasswordCallback;
Import javax.security.auth.callback.UnsupportedCallbackException;
Import javax.security.auth.login.LoginException;
Import Javax.security.auth.spi.LoginModule;
public class Sampleloginmodule implements Loginmodule {
Private Boolean isauthenticated = false;
Private CallbackHandler CallbackHandler;
Private Subject Subject;
Private Sampleprincipal principal;
public void Initialize (Subject Subject, CallbackHandler CallbackHandler,
Map sharedstate, map options) {
This.subject = subject;
This.callbackhandler = CallbackHandler;
}
public Boolean login () throws Loginexception {
try {
NameCallback namecallback = new NameCallback ("username");
PasswordCallback passwordcallback = new PasswordCallback ("Password",
FALSE);
Final callback[] calls = new callback[] {namecallback, passwordcallback};
Get User Data
Callbackhandler.handle (calls);
String username = namecallback.getname ();
String password = string.valueof (Passwordcallback.getpassword ());
TODO authentication, such as: Querying database, LDAP ...
if (true) {//validation passed
Principal = new Sampleprincipal (username);
IsAuthenticated = true;
} else {
throw new Loginexception ("User or password is wrong");
}
} catch (IOException e) {
throw new Loginexception ("No such user");
} catch (Unsupportedcallbackexception e) {
throw new Loginexception ("Login Failure");
}
return isauthenticated;
}
/**
* Post-validation processing, adding user objects in subject
*/
public Boolean commit () throws Loginexception {
if (isauthenticated) {
Subject.getprincipals (). Add (Principal);
} else {
throw new Loginexception ("Authentication Failure");
}
return isauthenticated;
}
public Boolean abort () throws Loginexception {
return false;
}
public Boolean logout () throws Loginexception {
Subject.getprincipals (). Remove (principal);
Principal = NULL;
return true;
}
}
Import java.security.principal;
public final class sampleprincipal implements principal {
private String name;
public sampleprincipal (string name) {
this.name = name;
}
public string getname () {
return name;
}
public boolean equals (object o) {
return (o instanceof sampleprincipal)
&& this.name.equalsignorecase (((Sampleprincipal) o). Name);
}
public int hashcode () {
return Name.touppercase (). Hashcode ();
}
}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
