Mercurial > hg > Blog
annotate content/Java/jaas-pam.md @ 112:cf31bf5fce72 default tip
Author of the blog post as mail header for efficient spam filtering
author | Dirk Olmes <dirk.olmes@codedo.de> |
---|---|
date | Tue, 06 Sep 2022 07:04:11 +0200 |
parents | 0160569a17c4 |
children |
rev | line source |
---|---|
53
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
1 Title: JAAS login module using PAM |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
2 Date: 2014-12-23 |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
3 Tags: JDK |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
4 Lang: en |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
5 |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
6 I recently had a look into [JAAS](http://docs.oracle.com/javase/7/docs/technotes/guides/security/jaas/JAASRefGuide.html) for a customer project. The API is not 100% straightforward due to its design goal of hiding implementation specifics but I guess that's the price you have to pay when specifying a generic API. |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
7 |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
8 The JAAS guide talks about JAAS's similarity to [PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module). This lead me to think that there should be a default implementation of a bridge between JAAS and PAM out there. Well there is [the jaas-pam project on Sourceforge](http://jaas-pam.sourceforge.net/) but the project's code hasn't been updated in years and on top of that the project uses [JNI](http://docs.oracle.com/javase/7/docs/technotes/guides/jni/index.html). |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
9 |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
10 Then I stumbled over [Leonid Dubinsky's blog](http://blog.dub.podval.org/2011/02/java-and-pam.html) which suggests using [libpam4j](https://github.com/kohsuke/libpam4j) to implement a LoginModule for PAM. Now that sounds like some interesting project to get my feet wet with JAAS! |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
11 |
0160569a17c4
add a blog entry about JAAS
Dirk Olmes <dirk@xanthippe.ping.de>
parents:
diff
changeset
|
12 It only took me an hour or so to come up with a LoginModule implementation using libpam4j. I put the code up [on github](https://github.com/dirk-olmes/jaas-pam) in case I need it later. |