JAAS Login Authentication

Source: Internet
Author: User
One: What is JAAS

The Java Authentication and Authorization Service (JAAS) is an extension to the Java 2 SDK.

JAAS can be divided into authentication and authorization.

1) Authentication: verifies the user's identity, that is, determines which user is executing the code. In layman's terms, which user is performing the operation. The operation may be on an application, a bean, or a servlet.

2) Authorization: authorizes the user's operations, that is, verifies that the user has specific access to the specified resource, for example whether a user has read access to a specified file.



Two: Common interfaces

CallbackHandler: collects the user's authentication information.

LoginModule: authenticates the user with the information that was collected.

The two objects are simply used in combination: one is configured, the other is passed in.

A callback means: you call me and pass yourself in, and I use the reference you passed in to call you back.



Three: Simple demo

MyCallbackHandler.java

package authentication;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

public class MyCallbackHandler implements CallbackHandler {

    @Override
    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
        // One reader for every prompt: a new BufferedReader per callback can
        // swallow input that an earlier reader has already buffered.
        BufferedReader in = new BufferedReader(new InputStreamReader(System.in));

        for (Callback callback : callbacks) {

            if (callback instanceof NameCallback) {
                NameCallback nameCallback = (NameCallback) callback;

                // Show the prompt supplied by the LoginModule, then read the name
                String prompt = nameCallback.getPrompt();
                System.err.print(prompt);

                nameCallback.setName(in.readLine());
            }

            if (callback instanceof PasswordCallback) {
                PasswordCallback passwordCallback = (PasswordCallback) callback;

                String prompt = passwordCallback.getPrompt();
                System.err.print(prompt);

                // readLine() returns null at end of input
                String line = in.readLine();
                if (line == null) {
                    throw new IOException("no password supplied");
                }
                passwordCallback.setPassword(line.toCharArray());
            }
        }
    }
}




SampleLoginModule.java

package authentication;

import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class SampleLoginModule implements LoginModule {

    // Initial state
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;

    // Configurable option
    private boolean debug = false;

    // User name and password
    private String username;
    private char[] password;

    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {

        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;

        // Initialize any configured options
        debug = "true".equalsIgnoreCase((String) options.get("Debug"));
    }

    @Override
    public boolean login() throws LoginException {
        Callback[] callbacks = new Callback[2];
        callbacks[0] = new NameCallback("User name:");
        callbacks[1] = new PasswordCallback("Password:", false);

        try {
            // Ask the handler passed to LoginContext to fill in the callbacks
            callbackHandler.handle(callbacks);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        username = ((NameCallback) callbacks[0]).getName();
        password = ((PasswordCallback) callbacks[1]).getPassword();

        // Demo check against a fixed user name and password;
        // getPassword() returns null if the handler set nothing
        if ("admin".equals(username) && password != null
                && "admin".equals(new String(password))) {
            return true;
        }

        // false tells LoginContext to ignore this module; the conventional
        // failure signal is a FailedLoginException
        return false;
    }

    @Override
    public boolean commit() throws LoginException {
        System.out.println("=========== commit ==========");
        return true;
    }

    @Override
    public boolean abort() throws LoginException {
        System.out.println("=========== abort ==========");
        return true;
    }

    @Override
    public boolean logout() throws LoginException {
        System.out.println("=========== logout ==========");
        return true;
    }
}




SampleAcn.java

package authentication;

import javax.security.auth.login.LoginContext;

public class SampleAcn {
    public static void main(String[] args) throws Exception {
        // "Sample" names the entry in the JAAS configuration file
        LoginContext lc = new LoginContext("Sample", new MyCallbackHandler());

        lc.login();
    }
}




sample_jaas.config

Sample {
    authentication.SampleLoginModule required Debug=true;
};




Set the system property -Djava.security.auth.login.config==src/authentication/sample_jaas.config



Demo authentication flow:

LoginContext lc = new LoginContext("Sample", new MyCallbackHandler());

Constructs the LoginContext.

lc.login();


Performs the authentication. Because the system property

-Djava.security.auth.login.config==src/authentication/sample_jaas.config

is set, the authentication configuration file is sample_jaas.config. Because the first parameter passed in when constructing the LoginContext is "Sample", JAAS looks for a configuration entry named Sample in sample_jaas.config. In that entry

Sample {
    authentication.SampleLoginModule required Debug=true;
};

authentication.SampleLoginModule is the specified LoginModule implementation.

Because the second parameter passed in when constructing the LoginContext is new MyCallbackHandler(), MyCallbackHandler is used to obtain the user's authentication information.

Therefore, when lc.login() is executed, the login method of SampleLoginModule is called, and SampleLoginModule obtains the user's authentication information through MyCallbackHandler. The login method returns true if authentication succeeds; otherwise it returns false.
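
The login module from the demo, hardened, as an added example that is not part of the original page: it reports a bad login with FailedLoginException instead of returning false, never copies the password into a String, wipes it after use, and attaches a principal to the Subject in commit(). The class name HardenedLoginModule and the fixed admin/admin credential are assumptions for illustration; UserPrincipal is the JDK's com.sun.security.auth.UserPrincipal.

```java
import com.sun.security.auth.UserPrincipal;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

// Added example, not the page's code; class name and credentials are constructed.
public class HardenedLoginModule implements LoginModule {
    private Subject subject;
    private CallbackHandler handler;
    private UserPrincipal pending, committed;

    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        subject = s;
        handler = h;
    }
    public boolean login() throws LoginException {
        NameCallback nc = new NameCallback("User name: ");
        PasswordCallback pc = new PasswordCallback("Password: ", false);
        try {
            handler.handle(new Callback[] {nc, pc});
        } catch (Exception e) { // IOException or UnsupportedCallbackException
            throw new LoginException("could not collect credentials: " + e);
        }
        char[] pw = pc.getPassword(); // a copy; null if the handler set nothing
        pc.clearPassword();           // wipe the callback's own buffer
        // Stand-in check; a real module verifies a salted hash from a credential store
        boolean ok = "admin".equals(nc.getName()) && Arrays.equals(pw, "admin".toCharArray());
        if (pw != null) Arrays.fill(pw, '\0'); // wipe our copy; no String was made
        if (!ok) throw new FailedLoginException("invalid user name or password");
        pending = new UserPrincipal(nc.getName());
        return true;
    }
    public boolean commit() { // runs only if the overall login succeeded
        if (pending == null) return false;
        subject.getPrincipals().add(committed = pending);
        pending = null;
        return true;
    }
    public boolean abort() { // overall login failed: drop any state we hold
        boolean had = pending != null || committed != null;
        pending = null;
        return had && logout();
    }
    public boolean logout() {
        if (committed != null) subject.getPrincipals().remove(committed);
        committed = null;
        return true;
    }
}
```

Named in the Sample entry in place of SampleLoginModule, it makes lc.login() throw FailedLoginException on bad credentials, and after a successful login lc.getSubject().getPrincipals() contains the UserPrincipal.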
