This discussion is archived
7 Replies Latest reply: May 11, 2011 12:48 PM by 861242 RSS

Authenticate user with Java API's?

852668 Newbie
Currently Being Moderated
Hi,
I have a server program written in Java, it accepts requests from client apps and has to authenticate the users credentials.

Currently we use JNI to access the platform specific libraries (PAM on Linux, SSPI/NTLM on Windows, etc...). I've done quite a bit of searching and haven't found anything but I thought I would ask if anyone knows of any packages available (in Java itself, open source or commercial - can not be GPL or LGPL) that can perform these tasks (preferably 100% java but JNI wrapper code is fine too)?

Specifically the SSPI/NTLM code is a bit convoluted so I would ideally like to replace that code, in case you know of something specific to Windows.

Thanks in advance!

jim
  • 1. Re: Authenticate user with Java API's?
    gimbal2 Guru
    Currently Being Moderated
    Investigate JAAS. If there is nothing in there that you can use, I don't give you much hope.

    http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html
  • 2. Re: Authenticate user with Java API's?
    852668 Newbie
    Currently Being Moderated
    I've looked through JAAS and didn't see anything.

    I suspect you are correct, little hope...
  • 3. Re: Authenticate user with Java API's?
    EJP Guru
    Currently Being Moderated
    I've looked through JAAS and didn't see anything.
    JAAS has an NTLM module. Hard to see how you could have missed that. I'm sure you'll find a PAM module out there somewhere.
  • 4. Re: Authenticate user with Java API's?
    852668 Newbie
    Currently Being Moderated
    EJP wrote:
    I've looked through JAAS and didn't see anything.
    JAAS has an NTLM module. Hard to see how you could have missed that. I'm sure you'll find a PAM module out there somewhere.
    I've seen references indicating there is such a thing, but have not figured out the correct search terms to find an actual example or documentation on using it. Would you have a pointer to information on JAAS & NTLM?

    Thanks
  • 5. Re: Authenticate user with Java API's?
    EJP Guru
    Currently Being Moderated
    Err, the Java documentation? There's a big architecture picture on which you click JAAS.
  • 6. Re: Authenticate user with Java API's?
    852668 Newbie
    Currently Being Moderated
    EJP wrote:
    Err, the Java documentation? There's a big architecture picture on which you click JAAS.
    I've been searching for a couple of days before posting here. I was not able to find anything useful, now it's quite possible it is staring me in the face & I am just not seeing it so I was hoping for something like a direct link.

    The only thing that I have been able to find is the 'NTLoginModule' but that name is a bit of a misnomer as all it does it give you information on the currently logged in user, it doesn't allow you to pass a username/pwd and authenticate the user.

    Jim

    Edited by: JimM on Apr 22, 2011 2:41 PM
  • 7. Re: Authenticate user with Java API's?
    861242 Newbie
    Currently Being Moderated
    You can look [url http://download.oracle.com/javase/6/docs/jre/api/security/jaas/spec/com/sun/security/auth/module/package-summary.html]here for specific documentation on LoginModule s.

    You should spend a few minutes studying these (short) tutorials:
    [url http://download.oracle.com/javase/6/docs/technotes/guides/security/jgss/tutorials/AcnOnly.html]JAAS Authentication
    [url http://download.oracle.com/javase/6/docs/technotes/guides/security/jgss/tutorials/LoginConfigFile.html]JAAS Login Configuration File

    Especially notice the two-liner for doing authentication asking the user for a username and password from the console:
        LoginContext lc = new LoginContext("JaasSample", new TextCallbackHandler());
        lc.login();
    If your users supply username and password by other means, it should be straight forward to wrap those in an implemetation of CallbackHandler.

    Cheers,
    Opher.

    Edited by: 858239 on 22:42 11/05/2011

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points