{"id":2667,"date":"2015-11-25T00:31:00","date_gmt":"2015-11-25T00:31:00","guid":{"rendered":"https:\/\/www.htmlgoodies.com\/uncategorized\/implementing-java-based-user-authentication-with-jaas\/"},"modified":"2015-11-25T00:31:00","modified_gmt":"2015-11-25T00:31:00","slug":"implementing-java-based-user-authentication-with-jaas","status":"publish","type":"post","link":"https:\/\/www.htmlgoodies.com\/java\/implementing-java-based-user-authentication-with-jaas\/","title":{"rendered":"Implementing Java-based User Authentication with JAAS"},"content":{"rendered":"

Once you’ve built a commercial website or two it becomes apparent that most business owners share similar requirements in terms of basic functionality. Common use cases include product or service management, user\/membership management, and user authentication. If you’re developing in Java, the latter can be handled by JAAS. Whether you want to handle user authentication on a user-by-user basis or using role-based access, JAAS is a good choice. In today’s article, we’ll be looking at some popular security framework offerings from a bird’s eye view, learning the basics of JAAS, and finally, going through a simple login process using actual classes that you’ll be able to run and play with.<\/span><\/p>\n

Java Security Frameworks at a Glance<\/h2>\n

Security is something that you should never try to implement yourself. Back before security was such an ongoing concern, I knew developers who rolled their own encryption algorithms. There is no need to write your own security boilerplate; within Java, there are several excellent security frameworks designed to make the process of securing an application faster, easier, and many times more successful than you could do yourself.<\/p>\n

There are three major players in the realm of Java application security: JAAS (Java Authentication and Authorization Service), Spring Security, and Apache Shiro. JAAS has one distinction over the other two in that it is the only framework that has been integrated directly into the Java Development Kit, as of JDK version 1.4. Having said that, the JAAS framework is somewhat less powerful, as it mainly focuses on authentication and authorization of users within an application. Other features, like user management, are lacking. From an architectural point of view, JAAS keeps the authentication concerns nicely separate from application logic. Hence, JAAS security can be added to an existing application with a minimum of code changes. It is for this reason that it is considered to be “pluggable”. JAAS supports multiple types of authentication, including username & password, voice, fingerprint, biometrics, and others.<\/p>\n

For detailed information about JAAS, I would recommend that you take a look at the official guide<\/a>. The remainder of this tutorial will cover how to authenticate a user using JAAS in a simple Java application that we will build in Eclipse.<\/p>\n

The JAAS Configuration File<\/h2>\n

JAAS needs to know what Login Module or Login Modules to use for authentication. The Login Modules are specified in a JAAS configuration file. There are two ways to specify its location. The first way is to specify a login.config.url location (or locations) in your \/jre\/lib\/security\/java.security file. There is a sample entry in this file already:<\/p>\n

login.config.url.1=file:${user.home}\/.java.login.config\n<\/pre>\n

Multiple config files can be specified. You can label them with *.1, *.2, etc.:<\/p>\n

login.config.url.1=file:C:\/config\/.java.login.config\nlogin.config.url.2=file:C:\/users\/foo\/.foo.login.config\n<\/pre>\n

The second way to specify the location of the JAAS configuration file is to assign a value to the java.security.auth.login.config System property. One way to do that is via a System.setProperty() call, as we’ll be using in our demo. You can also provide the -Djava.security.auth.login.config=FILE_LOCATION flag when starting your application.<\/p>\n

In the main() method, we will set the login.config to “jaas.config” (see The main() Method section below):<\/p>\n

System.setProperty(\"java.security.auth.login.config\", \"jaas.config\");\n<\/pre>\n

Let’s add our JAAS configuration file to our project now.<\/p>\n

Fire up Eclipse and create a new Java Project named “JaasDemo.”<\/p>\n

Create a new file in the project root named “jaas.config”.<\/p>\n

Paste the following code into the file:<\/p>\n

\/** JaasDemo Login Configuration **\/\n\nJaasDemo {\n   com.robgravelle.jaasdemo.JaasDemoLoginModule required debug=true;\n};\n<\/pre>\n

The main() Method<\/h2>\n

We will place the main method in a class named “JaasAuthenticationDemo”.<\/p>\n

Create this class in a package “com.robgravelle.jaasdemo” and make sure that you check the box to create the static void main() method:<\/p>\n

[Figure: New Java Class dialog]<\/p>\n

Click Finish to close the dialog and create the new class.<\/p>\n

Copy and paste the following code into the JaasAuthenticationDemo.java file:<\/p>\n

package com.robgravelle.jaasdemo;\n\nimport java.util.Scanner;\n\nimport javax.security.auth.login.LoginContext;\nimport javax.security.auth.login.LoginException;\n\npublic class JaasAuthenticationDemo {\n\n        public static void main(String[] args) {\n                System.setProperty(\"java.security.auth.login.config\", \"jaas.config\");\n\n                Scanner sc = new Scanner(System.in);\n                System.out.println(\"Please enter your user ID.\");\n                String name = sc.next();\n                System.out.println(\"Please enter your password.\");\n                String password = sc.next();\n                sc.close();\n   \n                try {\n                        LoginContext lc = new LoginContext(\"JaasDemo\", new JaasDemoCallbackHandler(name, password));\n                        lc.login();\n                } catch (LoginException e) {\n                        e.printStackTrace();\n                }\n        }\n}\n<\/pre>\n

A couple of things to note in the above code are the setting of the login config file name and the LoginContext() creation, which uses the name from the Login Configuration file and instantiates a new CallbackHandler.<\/p>\n

Conclusion<\/h2>\n

Now that we’ve gotten our feet wet, we’ll be coding the JaasDemoCallbackHandler and LoginModule classes in part 2.<\/p>\n","protected":false},"excerpt":{"rendered":"

","protected":false},"author":90,"yoast_head_json":{"twitter_misc":{"Written by":"Rob Gravelle","Est. reading time":"4 minutes"}}}