Main Page
Authentication Pure JAAS Sample
PureJAASSampleLoginModule
The sample program demonstrate how to write pure JAAS module to replay
callbacks by authenticating using IS Auth Remote API. It will authenticate
user by replaying the callbacks required by IS Auth Module.
It is very easy to modify this program to use other existing or customized
IS Authentication module. this sample module can be plugged in into
any standard JAAS framework using JAAS API.
Solaris:
-
To run the sample program on Solaris, you will need to modify/verify the
following:
In Makefile
BASE |
where Identity server is installed |
JAVA_HOME |
where Java compiler is installed |
CONFIG |
the entry specified in login configuration file which should
be used to do the user authentication |
-
Copy AMConfig.properties from IS server installation machine location
/etc/opt/SUNWam/config
from the server machine to the client machine
-
Keep am_services.jar, jaas.jar, jss3.jar, AMConfig.properties
in your classpath on client machine. (Note: Include jaas.jar in your classpath
if you are using JDK version less than JDK1.4)
-
A sample configuration file purejaassample.config is provided for
the testing this sample, contains only one entry , which is
Sample {
PureJAASSampleLoginModule required ORG_NAME="dc=iplanet,dc=com" INDEX_NAME="LDAP" debug=true;
};
This entry is named "Sample" and that is the name to be entered for
CONFIG in Makefile., The entry specifies that the LoginModule to
be used to do the user authentication is the PureJAASSampleLoginModule
and that this SampleLoginModule is required to "succeed" in order for authentication
to be considered successful. pass options with ORG_NAME
as orgnization name and INDEX_NAME as IS auth module to which this
sample has to authenticate .
if different login configuration need to be used , modify Makefile
to some thing like this
-Djava.security.auth.login.config=purejaassample.config to -Djava.security.auth.login.config=<yourj_jaas_config_file.config>
-
To compile, just issue gmake.
-
To run the sample program, execute gmake run.
For SSL mode:
-
Add this JVM property in the sample client program
-
-D "java.protocol.handler.pkgs=com.iplanet.services.comm"
-
Edit the following property in AMConfig.properties file
-
com.iplanet.am.admin.cli.certdb.dir=<ISinstall-dir>/SUNWam/servers/alias
-
com.iplanet.am.admin.cli.certdb.prefix=https-machine1.red.iplanet.com-machine1-
-
com.iplanet.am.server.protocol to https
-
com.iplanet.am.server.port to the appropriate port on the server
machine
where machine1 is the host name of the server
Windows2000:
-
To run the sample program on Windows2000, you will need to modify/verify
the following:
In make.bat
BASE |
where Identity server is installed |
JAVA_HOME |
where Java compiler is installed |
CONFIG |
the entry specified in login configuration file which should
be used to do the user authentication |
-
Copy AMConfig.properties from IS server installation machine location
/etc/opt/SUNWam/config
from the server machine to the client machine
-
Keep am_services.jar, jaas.jar, jss3.jar, AMConfig.properties
in your classpath on client machine. (Note: Include jaas.jar in your classpath
if you are using JDK version less than JDK1.4)
-
A sample configuration file purejaassample.config is provided for
the testing this sample, contains only one entry , which is
Sample {
PureJAASSampleLoginModule required ORG_NAME="dc=iplanet,dc=com" INDEX_NAME="LDAP" debug=true;
};
This entry is named "Sample" and that is the name to be entered for
CONFIG in Makefile., The entry specifies that the LoginModule to
be used to do the user authentication is the PureJAASSampleLoginModule
and that this SampleLoginModule is required to "succeed" in order for authentication
to be considered successful. pass options with ORG_NAME
as orgnization name and INDEX_NAME as IS auth module to which this
sample has to authenticate .
if different login configuration need to be used , modify Makefile
to some thing like this -Djava.security.auth.login.config=purejaassample.config
to -Djava.security.auth.login.config=<yourj_jaas_config_file.config>
-
To compile, just issue make.
-
To run the sample program, execute make run.
For SSL mode:
-
Add this JVM property in the sample client program
-
-D "java.protocol.handler.pkgs=com.iplanet.services.comm"
-
Edit the following property in AMConfig.properties file
-
com.iplanet.am.admin.cli.certdb.dir=<ISinstall-dir>\SUN\IdentityServer6\Servers\alias
-
com.iplanet.am.admin.cli.certdb.prefix=https-machine1.red.iplanet.com-machine1-
-
com.iplanet.am.server.protocol to https
-
com.iplanet.am.server.port to the appropriate port on the server
machine
where 'machine1' is the host name of the server
For the details, please reference the Remote Client API Java
Docs.
For the details, on how to plugin Login Module into standard JAAS Context see JAAS Reference Guide
|