Mercurial > hg > Blog
comparison content/Java/jaas-pam.md @ 53:0160569a17c4
add a blog entry about JAAS
| author | Dirk Olmes <dirk@xanthippe.ping.de> |
|---|---|
| date | Tue, 23 Dec 2014 09:01:11 +0100 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 52:94cc5f43d9d1 | 53:0160569a17c4 |
|---|---|
| 1 Title: JAAS login module using PAM | |
| 2 Date: 2014-12-23 | |
| 3 Tags: JDK | |
| 4 Lang: en | |
| 5 | |
| 6 I recently had a look into [JAAS](http://docs.oracle.com/javase/7/docs/technotes/guides/security/jaas/JAASRefGuide.html) for a customer project. The API is not 100% straightforward due to its design goal of hiding implementation specifics but I guess that's the price you have to pay when specifying a generic API. | |
| 7 | |
| 8 The JAAS guide talks about JAAS's similarity to [PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module). This lead me to think that there should be a default implementation of a bridge between JAAS and PAM out there. Well there is [the jaas-pam project on Sourceforge](http://jaas-pam.sourceforge.net/) but the project's code hasn't been updated in years and on top of that the project uses [JNI](http://docs.oracle.com/javase/7/docs/technotes/guides/jni/index.html). | |
| 9 | |
| 10 Then I stumbled over [Leonid Dubinsky's blog](http://blog.dub.podval.org/2011/02/java-and-pam.html) which suggests using [libpam4j](https://github.com/kohsuke/libpam4j) to implement a LoginModule for PAM. Now that sounds like some interesting project to get my feet wet with JAAS! | |
| 11 | |
| 12 It only took me an hour or so to come up with a LoginModule implementation using libpam4j. I put the code up [on github](https://github.com/dirk-olmes/jaas-pam) in case I need it later. |