jaas

I'm trying to use a custom JAAS authentication module for a web based application hosted on JBoss 5.1.0.GA . So everything seems to be working fine, until the number of users increases and sessions (so it think) start getting mixed. The reason i'm using the custom JAAS is because of a custom authentication backend and the need to pass back the password for futher usage in the application. When i call request.getUserPrincipal in servlets i get an object of type SimplePrincipal instead on my custom principal. To get the user i'm using SecurityAssociation.getSubject().getPrincipals() and suspect

I have a system wherein .NET clients authenticate against a Java server with Kerberos. Everything works, but I'm trying to improve the server configuration. Currently a keytab file is required in the root of C:\ because my jaas.conf looks like this: Server { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true isInitiator=false keyTab="///C:/keytab" principal="XXX"; }; I am trying to make the keyTab property a relative path, but am having no luck. What I've tried: keyTab="///keytab" keyTab="///./keytab" keyTab="classpath:keytab" All of these result in an exception

I have a Java application running on Windows that needs to authenticate to a webapp using Kerberos/SPNEGO. I'm aware of how to configure JAAS to achieve this, but I find the Java (JDK6 and JDK7beta) Kerberos implementation to be lacking a couple important features I need. For example, support for referrals or using the DNS to figure out the realm of a host (I have a multi-realm environment). Is there a third-party module that can implement authentication using the Windows native SSPI ? We've already gone through the trouble of configuring our Windows clients to work within our environment, it

How to implement j_security_check with Primefaces ? Normally in JSP if you want to use JAAS for login, the login form generally is: <form action="j_security_check" method="POST"> Username:<input type="text" name="j_username"><br> Password:<input type="password" name="j_password"> <input type="submit" value="Login"> </form> But how do we implement it in JSF or in Primefaces! What will be the action How do we get rid of id or name like formId:componentId Also the p:commandButton is ajaxified in Primefaces by default, so how does it submit the form in non-ajax way I had a requirement to implement

Please help me on a kerberos+Java problem. I have a simple Java program to authenticate to a Windows Active Directory using Kerberos. The following java code works fine without any problems and prints true- public class KerberosAuthenticator { public static void main(String[] args) { String jaasConfigFilePath = "/myDir/jaas.conf"; System.setProperty("java.security.auth.login.config", jaasConfigFilePath); System.setProperty("java.security.krb5.realm", "ENG.TEST.COM"); System.setProperty("java.security.krb5.kdc","winsvr2003r2.eng.test.com"); boolean success = auth.KerberosAuthenticator

I'm trying to use JAAS for authentication in my WAR. I understand that my configuration file ( another link ) should be placed somewhere (as explained here ). Unfortunately, I can't understand where exactly, if we're talking about WAR? And how to name the file? // JAAS has to find the file and retrieve "foo" from it LoginContext ctx = new LoginContext("foo", this); I had the same problem and I wanted to see if I couldn't dynamically set this property based on the current classpath (which would be located inside the war itself). public class SecurityListener implements ServletContextListener {

I get a ServeletException: Failed to authenticate a principal when I attempt to login with the DatabaseServerLoginModule . I'm guessing the issue is either how passwords are written to the db or the rolesQuery that is incorrect. I certainly can use suggestions on how to troubleshoot at this point. Here is my setup: login-config.xml <application-policy name = "Avengers"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <module-option name = "dsJndiName">java:/jdbc/thor_ds</module-option> <module-option name = "principalsQuery"