jaas

问题 I'm trying to find a simple, flexible way to add JaaS authentication to REST. I found a post that I think leads me in the right direction (See StevenC's answer). It sounds like the servlet container is responsible for security, not the Jersey code itself. I like this idea, but need a little guidance on implementation. Grizzly is my servlet container and I want to configure it to use JaaS for authentication. For now, a simple username/password combination would be fine, and hard-coding the

问题 I am using JAAS to get Kerberos credentials. My config file look like this: SignedOnUserLoginContext { com.sun.security.auth.module.Krb5LoginModule required debug=true useTicketCache=true doNotPrompt=true; }; The code to get Kerberos credentials try { LoginContext lc = new LoginContext("SignedOnUserLoginContext"); lc.login(); Subject signedOnUserSubject = lc.getSubject(); Set<Object> privateCred = signedOnUserSubject.getPrivateCredentials(); for (Object privates : privateCred) { if (privates

问题 I am trying to create a JMS connection from WebSphere App Server 7, but keep getting JMSWMQ2013 (with MQ reason code 2035). Clearly this is an authentication problem, and I can see many other similar reports so I have a rough idea of the general problem. I'm awaiting feedback from our operations team as to the exact configuration of the channel, however, in the meantime I have one observation that is quite puzzling. If I use WebSphere's JAAS authentication to provide the userid, then I always

问题 I am referring to JAAS Login Configuration File. It talks about 2 ways to specify which login configuration file to be used: The first approach where we set the jaas.conf through VM arg java.security.auth.login.config . Second through the security properties file is the java.security file located in the lib/security directory of the JRE. In the second approach we can specify multiple files. Is there a way to specify multiple jaas.conf files using the first approach of setting VM arg java

问题 I am referring to JAAS Login Configuration File. It talks about 2 ways to specify which login configuration file to be used: The first approach where we set the jaas.conf through VM arg java.security.auth.login.config . Second through the security properties file is the java.security file located in the lib/security directory of the JRE. In the second approach we can specify multiple files. Is there a way to specify multiple jaas.conf files using the first approach of setting VM arg java

问题 I am planing to use JAAS for authorization purpose. I am using GWT on GUI side and Java on server side. Please suggest some code to handle authorization using JAAS. Does it has support for GWT?. Is there any way to control disable and enable button using JAAS? Does any library available to handle authorization for GWT appliation?. 回答1: AFAIK there is no library in GWT that handles authorization. That's also not really straightforward as authorization is mainly handled on the backend and there

问题 I'm using JAAS to secure my web-application. As the title says, the problem is that i get the home page which is in the protected folder instead of the login page. Actually the home page is my welcome page. By the way, it works fine when i write the URL (/myappJaas/protected/admin/homeadmin.xhtml) in the web browser. This is the web.xml file: <welcome-file-list> <welcome-file>/protected/admin/homeadmin.xhtml</welcome-file> </welcome-file-list> <security-constraint> <web-resource-collection>

问题 I'm using JAAS to secure my web-application. As the title says, the problem is that i get the home page which is in the protected folder instead of the login page. Actually the home page is my welcome page. By the way, it works fine when i write the URL (/myappJaas/protected/admin/homeadmin.xhtml) in the web browser. This is the web.xml file: <welcome-file-list> <welcome-file>/protected/admin/homeadmin.xhtml</welcome-file> </welcome-file-list> <security-constraint> <web-resource-collection>

问题 I'm trying to wire our windows client application to use a single-sign-on mechanism. I'm following the explanations that can be found here. I'm already having trouble getting the first step to work, that is, acquiring the Signed On User's Ticket-Granting-Ticket. When running my unit test (code see below), I'm getting the following exception: javax.security.auth.login.LoginException: Unable to obtain Princpal Name for authentication at com.sun.security.auth.module.Krb5LoginModule.promptForName

问题 I am having trouble implementing a Login interface like the example Simple CRUD Web Application with JSF 2.1, PrimeFaces 3.5, EJB 3.1, JPA (ORM) / EclipseLink, JAAS , MySQL On TomEE's mailing list, I have been told that the LoginController.java I am using tries to inject Logger, but Logger injection is not managed by CDI. I have been told to use a producer instead. Not knowing what it is, I searched on the internet and I found this example But I am still not confortable with it, so please