Showing posts with label JAAS. Show all posts
Showing posts with label JAAS. Show all posts

Thursday, January 17, 2008

Kerberos Authentication

You may use the following code to implement Kerberos Authentication in your applications:

====================================
CompanyKerbLogin.conf
====================================

/**
* Login Configuration for JAAS.
*
* Specify that Kerberos v5 is a required login module for the classes.
*/

CompanyKerbCallbackHandler {
com.sun.security.auth.module.Krb5LoginModule
required
client=TRUE
debug=FALSE
useTicketCache=FALSE;
};

====================================
krb5.conf
====================================

[domain_realms]

.bhatia.company.com = BHATIA.COMPANY.COM
.company.com=COMPANY.COM
bhatia.company.com = BHATIA.COMPANY.COM
company.com=COMPANY.COM


[libdefaults]

default_realm = COMPANY.COM
#dns_lookup_kdc=false
#default_tgs_enctypes = des-cbc-md5
#default_tkt_enctypes = des-cbc-md5


[logging]



[realms]
BHATIA.COMPANY.COM= {
kdc = server2.bhatia.company.com
admin_server = server2.bhatia.company.com
default_domain = bhatia.company.com
}

COMPANY.COM= {
kdc = server01.company.com
admin_server = server01.company.com
default_domain = company.com
}

import javax.security.auth.callback.*;

====================================
CompanyKerbCallbackHandler.java
====================================

/**
* Callback Handler that is used with the KerberosAuthHandler.
*
* Two methods are added to this callback handler which allows the
* KerberosAuthHandler to pass the username and password received
*
*/
public class CompanyKerbCallbackHandler implements CallbackHandler
{

private String CompanyUserId;
private char [] CompanyPassword;

public void handle(Callback[] callbacks)
throws java.io.IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
NameCallback cb = (NameCallback)callbacks[i];
cb.setName(CompanyUserId);

} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback cb = (PasswordCallback)callbacks[i];
cb.setPassword(CompanyPassword);

} else {
throw new UnsupportedCallbackException(callbacks[i]);
}
}
}

public void setUserId(String userid)
{
CompanyUserId = userid;
}

public void setPassword(String password)
{
CompanyPassword = password.toCharArray();
}
}

This should do the magic for you !! Enjoy Authenticating.

Posted by Rajnish Bhatia at 11:14 PM 0 comments

Subscribe to: Posts (Atom)