UHCL CSCI 5931 - Java Authentication and Authorization Service

JAAS
Qingyang Liu and Lingbo Wang
CSCI 5931.01 Web Security
April 2, 2003

Topics
- JAAS
- JAAS Classes
- Important ones
- Subject
- LoginModule
- LoginModule (cont.)
- LoginContext
- Configuration
- Callback & CallbackHandler
- Authentication Example
- Running the Example
- Authorization
- Declarative Authorization
- Programmatic Authorization
- Bibliography

JAAS
JAAS stands for Java Authentication and Authorization Service. It grants permissions based on who is executing the code. JAAS uses Pluggable Authentication Modules (PAM) for authentication. Different modules can be plugged in, allowing the user to be authenticated against most PAM-capable mechanisms. JAAS will be integrated into J2EE (Java 2 Enterprise Edition) and JDK 1.4.

JAAS Classes
JAAS defines the following packages:
- javax.security.auth
- javax.security.auth.callback
- javax.security.auth.login
- javax.security.auth.spi

Important ones
- javax.security.auth.Subject
- javax.security.auth.spi.LoginModule
- javax.security.auth.login.LoginContext
- javax.security.auth.login.Configuration
- javax.security.auth.callback.Callback
- javax.security.auth.callback.CallbackHandler

Subject
The Subject class represents a single entity using the system. A subject can possess one or more identities, each an instance of java.security.Principal. The method getPrincipals() returns a Set of those principals. Subjects also contain lists of credentials (public and private). Credentials can be accessed via Subject.getPublicCredentials() and Subject.getPrivateCredentials(). Credentials are just objects; they don't inherit from a superclass or implement an interface. Subjects represent who is running the currently executing code. The active subject can be fetched with the static method Subject.getSubject().

LoginModule
LoginModule is an interface that must be implemented in order to provide authentication. Multiple login modules can be used at a time, and JAAS will attempt to log in via each of them. JAAS can be configured to allow or deny logins based on which of those various attempts succeed. LoginModule defines five methods, initialize(), login(), commit(), abort(), and logout(), to implement a two-phase commit for authentication when using multiple authentication methods.

LoginModule (cont.)
- initialize(Subject subject, CallbackHandler handler, Map sharedState, Map options): sets up the LoginModule to be used to attempt a login.
- login(): checks the credentials of the subject passed in earlier. How this is done is implementation-dependent.
- commit(): if the necessary logins were successful, JAAS calls commit() on each login module.
- abort(): if the necessary login modules failed, JAAS calls abort() instead.
- logout(): logs out a subject.

LoginContext
The login context is used to actually log in. The code performing the authentication instantiates a LoginContext, which then uses a Configuration to determine which login modules to use to authenticate a subject. The code attempting to authenticate then calls login() on the LoginContext.

Configuration
Configuration is an abstract class that defines how a LoginContext and LoginModules should be used. The main use of a configuration is to determine which login modules need to be called and how each module's outcome affects the state of the entire login process. There are four possibilities:
- Required: must succeed for the entire login to succeed. Even if it fails, the other login modules are still queried.
- Requisite: if it fails, the login process is short-circuited and no more login modules are called.
- Sufficient: if this module succeeds and no required or requisite modules fail, the entire login succeeds.
- Optional: this module's success doesn't affect the remainder of the login process.
If no sufficient, requisite, or required modules fail, the login succeeds, regardless of whether an optional module succeeds.

Callback & CallbackHandler
The Callback interface contains no methods. It is simply there to tag classes that can be used to provide information from code attempting a login to the login module.
The CallbackHandler interface defines one method: handle(Callback[] callbacks). This method iterates through the callbacks provided and adds the requested information to each one.

Authentication Example
Code in the book, p. 247:
- The handle() method
- The getName() method
- The PasswordLoginModule
- The initialize() method
- The login() method
- The commit() method
- The abort() method
- The logout() method

Running the Example
You should have the following files:
- jaas.config
- JAASSampleApp.java
- PasswordLoginModule.java
- PrincipalImpl.java
- UsernamePasswordCallbackHandler.java
Compile them with:
C:\> javac *.java

Running the Example (cont.)
We need to specify the location of the config file to the VM when we actually execute the application, like so:
C:\> java -Djava.security.auth.login.config==jaas.config JAASSampleApp testuser sasquatch
If all is successful, you should see your authenticated subject displayed like so:
Subject: Principal: testuser
Otherwise, you will see the exception thrown.

Authorization
There are two types of authorization when using JAAS: declarative and programmatic. Just like in the servlet and EJB security models, we can define static configurations that allow and disallow access to resources, or we can write code that uses more sophisticated logic to determine how to dole out our resources based on who is running the code.

Declarative Authorization
JAAS adds a new configuration directive to the policy file that defines permissions. We talked about the codebase and signedBy directives in Chapter 7, but now we're going to describe the Principal directive. This directive allows you to specify who must be running some code in order to have a certain permission. Here's a sample entry that you might use in a policy file (backslashes in a policy-file string must be doubled):

grant Principal PrincipalImpl "testuser" {
    permission java.io.FilePermission "c:\\test\\test.txt", "read,write";
};

Declarative authorization is seldom actually used.

Programmatic Authorization
It can be valuable to determine who is running the current code. You can get the current subject by calling the static method
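As an added worked example (not the book's PasswordLoginModule from the Authentication Example slide), here is a minimal LoginModule that shows the five-method two-phase commit from the LoginModule slides, collecting the name and password through the Callback mechanism described above. The class name, the "Demo" jaas.config entry, and the hard-coded testuser/sasquatch credential are assumptions made for the illustration.

```java
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
// Added illustration, not the book's PasswordLoginModule: a minimal two-phase LoginModule.
// Assumed jaas.config entry:  Demo { DemoPasswordLoginModule required; };
public class DemoPasswordLoginModule implements LoginModule {
    private static final String USER = "testuser", PASS = "sasquatch"; // constructed sample; real modules consult a store
    private Subject subject;
    private CallbackHandler handler;
    private Principal principal; // verified in phase 1, attached to the Subject only in phase 2
    public void initialize(Subject subject, CallbackHandler handler,
                           Map<String, ?> sharedState, Map<String, ?> options) {
        this.subject = subject;
        this.handler = handler;
    }
    // Phase 1: ask the CallbackHandler for a name and password, then verify them.
    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("username: ");
        PasswordCallback pw = new PasswordCallback("password: ", false);
        try {
            handler.handle(new Callback[] { name, pw });
        } catch (IOException | UnsupportedCallbackException e) {
            throw new LoginException("cannot collect credentials: " + e);
        }
        char[] typed = pw.getPassword();
        boolean ok = USER.equals(name.getName()) && typed != null && PASS.equals(new String(typed));
        pw.clearPassword();   // do not leave the secret lying around in memory
        if (!ok) throw new FailedLoginException("bad username or password");
        principal = () -> USER; // java.security.Principal needs only getName(), so a lambda will do
        return true;
    }
    // Phase 2: called only when the LoginContext decides the overall login succeeded.
    public boolean commit() {
        if (principal == null) return false;
        subject.getPrincipals().add(principal);
        return true;
    }
    // Overall login failed (possibly because another module failed): discard phase-1 state.
    public boolean abort() { principal = null; return true; }
    public boolean logout() {
        if (principal != null) subject.getPrincipals().remove(principal);
        principal = null; return true;
    }
}
```

Because the identity is only added in commit(), a module whose login() succeeded still leaves the Subject untouched when a Required or Requisite sibling fails and the LoginContext calls abort() instead.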