Jass Login Authentication

One what is Jaas

The Java Authentication and authorization service "(Java Authentication and Authorization Service,jaas) is an extension to the Java 2 SDK.

JAAS can be divided into authentication and authorization.

1) Authentication: Authentication user identity. See which user is executing the code. In layman's terms, which user is performing the operation. This operation may be on a application or a bean or servlet.

2) Authorization: Authorized user operation. That is, verifying that the user has specific access to the specified resource. Like whether a user has read access to the specified file.



Two common interfaces

CallbackHandler: Use the user information to authenticate the user.

Loginmodule: Used to authenticate user information.

Just a combined application of two objects configured or passed

Callback is you call me, incoming you, I use the incoming you tune you



Three Simple Demo

Mycallbackhandler.java



Java code Copy Code collection code
Package authentication;
Import Java.io.BufferedReader;
Import java.io.IOException;
4.import Java.io.InputStreamReader;
5.import Javax.security.auth.callback.Callback;
6.import Javax.security.auth.callback.CallbackHandler;
7.import Javax.security.auth.callback.NameCallback;
8.import Javax.security.auth.callback.PasswordCallback;
9.import javax.security.auth.callback.UnsupportedCallbackException;
10.
11.public class Mycallbackhandler implements CallbackHandler {
12.
@Override.
public void handle (callback[] callbacks) throws IOException,
Unsupportedcallbackexception. {
. for (Callback callback:callbacks) {
17.
if (callback instanceof NameCallback) {
NameCallback namecallback= (NameCallback) callback;
20.
. String Prompt=namecallback.getprompt ();
22.
System.err.print (prompt);
24.
Namecallback.setname (New BufferedReader (New InputStreamReader (system.in)). ReadLine ());
26.}
27.
if (callback instanceof PasswordCallback) {
PasswordCallback passwordcallback= (PasswordCallback) callback;
30.
. String Prompt=passwordcallback.getprompt ();
32.
System.err.print (prompt);
34.
Passwordcallback.setpassword (New BufferedReader new InputStreamReader (system.in)). ReadLine (). Tochararra Y ());
36.}
37.}
38.
39.}
40.}




Sampleloginmodule.java



Java code Copy Code collection code
1.package authentication;
2.import Java.util.Map;
3.import Javax.security.auth.Subject;
4.import Javax.security.auth.callback.Callback;
5.import Javax.security.auth.callback.CallbackHandler;
6.import Javax.security.auth.callback.NameCallback;
7.import Javax.security.auth.callback.PasswordCallback;
8.import javax.security.auth.login.LoginException;
9.import Javax.security.auth.spi.LoginModule;
10.public class Sampleloginmodule implements Loginmodule {
11.
//Initial state
Private Subject Subject;
Private CallbackHandler CallbackHandler;
-Private Map sharedstate;
-Private MAP options;
17.
//Configurable option
Private Boolean debug = false;
20.
//username and password
. private String Username;
. private char[] password;
24.
public void Initialize (Subject Subject, CallbackHandler CallbackHandler,
Map sharedstate, map options) {
27.
This.subject = subject;
This.callbackhandler = CallbackHandler;
This.sharedstate = sharedstate;
this.options = options;
32.
//Initialize any configured options
debug = "true". Equalsignorecase (String) options.get ("Debug");
35.}
36.
Notoginseng. Public boolean login () throws Loginexception {
Callback[] callbacks = new callback[2];
Callbacks[0] = new NameCallback ("User name:");
CALLBACKS[1] = new PasswordCallback ("Password:", false);
41.
. try {
Callbackhandler.handle (callbacks);
The.} catch (Exception e) {
(e) throw new RuntimeException;
46.}
Username = ((namecallback) callbacks[0]). GetName ();
Password = ((passwordcallback) callbacks[1]). GetPassword ();
49.
if ("admin". Equals (username) && "admin". Equals (new String (password))) {
. return true;
52.}
53.
A. return false;
55.
56.}
57.
. public Boolean commit () throws Loginexception {
System.out.println ("=========== commit ==========");
return true;
61.}
62.
63.
. public Boolean abort () throws Loginexception {
System.out.println ("=========== abort ==========");
. return true;
67.}
68.
69.
@Override
. public Boolean logout () throws Loginexception {
System.out.println ("=========== logout ==========");
return true;
74.}
75.
76.
77.}




Sampleacn.java



Java code Copy Code collection code
1.package authentication;
2.import Javax.security.auth.login.LoginContext;
3.public class SAMPLEACN {
4. public static void Main (string[] args) throws Exception {
5. LoginContext lc = new LoginContext ("Sample", New Mycallbackhandler ());
6.
7. Lc.login ();
8.}
9.}




Sample_jaas.config



Config code copy Code collection code
1.sample {
2. Authentication. Sampleloginmodule required Debug=true;
3.};




The system parameter to set-djava.security.auth.login.config==src/authentication/sample_jaas.config



Demo Certification Execution Process:



Java code Copy Code collection code
1.LoginContext LC = new LoginContext ("Sample", New Mycallbackhandler ());


Construction LoginContext



Java code Copy Code collection code
1.lc.login ();


Perform the certification. Because system parameters are set

-djava.security.auth.login.config==src/authentication/sample_jaas.config

So the authentication configuration file is Sample_jaas.config. Because the first parameter passed in when constructing logincontext is "sample".

So look for a configuration segment named Sample in Sample_jaas.config. And



Config code copy Code collection code
1.sample {
2. Authentication. Sampleloginmodule required Debug=true;
3.};


Authentication. The Sampleloginmodule is implemented for the specified loginmodule.

Because the second parameter passed in when constructing LoginContext is new Mycallbackhandler. So Mycallbackhandler is used to obtain user authentication information.

Therefore: when executing lc.login (), the login method of Sampleloginmodule is called. and Sampleloginmodule will obtain the user's authentication information through Mycallbackhandler. Returns True if authentication succeeds, otherwise false is returned.