Chapter 14: Tomcat Security Method Description initialize abort
Thursday, September 10th, 2009Chapter 14: Tomcat Security Method Description initialize abort commit login logout Initializes the LoginModule Aborts the authentication process Commits the authentication process Authenticates a Subject Logs out a Subject The Provider would also make use of a Principalclass (an implementation of the java.security .Principal interface) that represents users and roles in this particular implementation. For example, JAAS comes with implementations for Windows NT users and domains ( com.sun.security.auth .NTUserPrincipaland com.sun.security.auth.NTDomainPrincipal). JAAS also provides some Provider implementations as a part of the jaasmod.jarJAR file. These include a JNDI Provider ( com.sun.security.auth.module.JndiLoginModule), an NT Login Provider ( com.sun.security.auth.module.NTLoginModule), and a Solaris Login Provider (com.sun.security.auth.module.SolarisLoginModule). In some cases, third-party vendors also provide Providers for their products. Configuring the Provider You must add configuration statements for the Provider in a configuration file. For some Providers (such as the Solaris and NT Login Providers), this is a very simple setup. The following code is a sample of the JAAS Provider configuration for Solaris s Login Provider: SolarisLogin { com.sun.security.auth.module.SolarisLoginModule required; }; Other Providers (such as the JNDI Provider) have a more complex setup (see the following sample). In general, the configuration attributes are Provider-specific: JNDILogin { com.sun.security.auth.module.JndiLoginModule required user.provider.url= ldap://localhost:389/ou=People,dc=companyname,dc=com group.provider.url= ldap://localhost:389/ou=Group,dc=companyname,dc=com ; }; The configuration for the Provider is passed to the JRE through the java.security.auth.login .config environment parameter. Making Changes to the Java Security Policy (if Required) The JAAS authentication Provider class is a trusted part of the system, and hence requires special access permissions. The following code is a sample Java policy file that shows the kind of permissions required: //trust the Provider grant codeBase file:./provider/ { permission java.security.AllPermission; }; (continued)
For high quality website hosting services please check tomcat web hosting website.