java JAAS
来源:互联网 发布:odn网络是指什么 编辑:程序博客网 时间:2024/05/16 17:56
Java Authentication Authorization Service(JAAS,Java验证和授权API)提供了灵活和可伸缩的机制来保证客户端或服务器端的Java程序。Java早期的安全框架强调的是通过验证代码的来源和作者,保护用户避免受到下载下来的代码的攻击。JAAS强调的是通过验证谁在运行代码以及他/她的权限来保护系统面受用户的攻击。它让你能够将一些标准的安全机制,例如SolarisNIS(网络信息服务)、WindowsNT、LDAP(轻量目录存取协议),Kerberos等通过一种通用的,可配置的方式集成到系统中。
Easy{
com.camps.jaas.EasyLoginModulerequired debug=false;
};
-Djava.security.auth.login.config=jaas.conf
jaas.conf is absolute path
public class LoginService {
public void login(String username, String pass){
LoginContextlc;
try {
lc = newLoginContext("Easy",new EasyCallbackHandler(username, pass));
lc.login();
SubjectuserSubject = lc.getSubject();
userSubject.getPrincipals();
} catch (LoginException e) {
e.printStackTrace();
}
}
}
public class EasyLoginModule implements LoginModule{
private booleanisAuth;
private Subjectsubject;
private CallbackHandlerhandler;
private Principalprincipal;
public booleanabort() throws LoginException {
returnfalse;
}
public booleancommit() throws LoginException {
if(isAuth)
subject.getPrincipals().add(principal);
returnisAuth;
}
public voidinitialize(Subject subject, CallbackHandler callbackHandler,
Map<String,?> sharedState, Map<String, ?> options) {
this.subject= subject;
this.handler= callbackHandler;
}
public booleanlogin() throws LoginException {
NameCallbacknameCallback = new NameCallback("username");
PasswordCallbackpasscallback = new PasswordCallback("password",true);
try {
handler.handle(newCallback[]{nameCallback, passcallback});
}catch (IOException e) {
e.printStackTrace();
}catch (UnsupportedCallbackExceptione) {
e.printStackTrace();
}
Stringusername = nameCallback.getName();
Stringpassword = passcallback.getPassword().toString();
if(username.equals("zz")&& password.equals("yy")){
isAuth =true;
principal =newEasyPrincipal(username);
}
returnisAuth;
}
public booleanlogout() throws LoginException {
subject.getPrincipals().remove(principal);
principal =null;
returnfalse;
}
}
public class EasyCallbackHandler implements CallbackHandler{
private Stringusername;
private Stringpassword;
public EasyCallbackHandler(String username,String password){
this.username= username;
this.password= password;
}
public voidhandle(Callback[] callbacks) throwsIOException,
UnsupportedCallbackException{
for(Callback callback:callbacks){
if(callbackinstanceofNameCallback){
((NameCallback)callback).setName(username);
}
if(callbackinstanceofPasswordCallback){
((PasswordCallback)callback).setPassword(password.toCharArray());
}
}
}
}
public class EasyPrincipal implements Principal{
privateString name;
publicEasyPrincipal(String name){
this.name= name;
}
publicString getName() {
returnthis.name;
}
}
- java JAAS
- JAAS
- JAAS
- jaas
- JAAS
- JAAS
- JAAS
- JAAS
- JAAS
- JAAS
- java security evolution and JAAS
- JAAS:灵活的Java安全机制(1)
- JAAS:灵活的Java安全机制(2)
- JAAS:灵活的Java安全机制(3)
- JAAS:灵活的Java安全机制(4)
- JAAS:灵活的Java安全机制
- JAAS:灵活的Java安全机制
- 用 JAAS 和 JSSE 实现Java 安全性
- QI之我见
- 界面设计之软件界面设计要素
- 北京实习总结——记住牛人那些话
- 来自博客园的文章。
- 求满足条件n=a!+b!+c!的所有三位数n 并输出,要求用自定义函数实现求阶乘(穷举法)
- java JAAS
- magento 立即购买跳转到结账页面
- 平板增长远超智能手机 iPad占有率达68%!
- android自定义复合控件
- hive近期相关问题列表
- axis1小例子之进阶篇
- yum 失败(This system is not registered with RHN.)解决
- 配置信息
- 求满足条件n=a!+b!+c!的所有三位数n 并输出,要求用自定义函数实现求阶乘(正常版)