Extending? JAASGuosheng? Huang,? PhD,? Is? A? Seniorsoftware? Developer? WithWysdom? Inc.? He? Has? Over? 15years? Of? Experience? In? Software? Engineering? And? Technical? Architecture. ?? gorsenhuang @ Yahoo.com Translation: Green wild smoke? 2003/10 ????? User authentication and access control is an important security scale of most Java applications, especially J2EE applications. Java certification and permission service (ie JAAS), JAAS, J2SE 1.4, and 1.5 core APIs depict new security standards. It provides a pluggable and flexible framework (Flexible) framework (Flexible) allows developers to mix different security mechanisms and rich resources that have existence of various security. ???? Along with the upcoming J2SE1.5 release, it contains many such as encryption technology, XML security, public key mechanism (PKI), Kerberos? (Is a network attachment system / protocol, allowing users to pass The service of a safety server is verified? I'll log in, the remote login, the remote copy, the inter-system of mutual copying and other high-risk tasks will be changed to be changed.) And alliance certifications (the ? Federating? Identity) Enhancements! JaaS will play a more important role in J2EE implementation. • Certified authentication is the process of checking a user with permissions that have been identified by the enterprise user registration agency. Jaa's certification mechanism is based on a set of pluggable modules (see Figure 1). JAAS allows different verification models to be swapped at runtime. Custom applications always interact with JaAs by logging in the context object. The authentication process is typically the following steps: 1, generate a LoginContext object. This logincontext looks for configuration files to decide to use that loginmodule. Similarly, selectable, it is possible to pass a callbackhandler to logincontext.2, and perform authentication by calling the logincontext's login method, which loads predefined LoginModule to check if the user can be authenticated. 3, if the user is authenticated, the rules and identifiers are used to associate with their items. 4, or run out a loginexception5 in the case of landing failure, log in to log in with the loginText method to log in ????? In JaaS, login is a two-stage (two-phase) process. The first phase is "login" phase (just as described above). The only task at this stage is to authenticate. As long as the processing process successfully passed this phase, the authentication process entered the "commit" phase (as follows 3), this phase LoginModule's commit method is called to associate the subkey related rules and identities. ???? One subkey in Jaas represents an authentication entity, such as a person or a device. It contains a complete set of rules and security-related properties such as passwords and encryption keys. In the JaAs architecture, the associated permissions of the subkey and their attachments play an important role in the certification process. Among all authentication modules, LoginModule is an excuse of the fact that the actual authentication mechanism. Although LoginModule has not received the opportunity to call customer application, he provides a specific type of authentication via a pluggable module, which implements the authentication algorithm and determines how the actual authentication process is executed.
Sun offers several default LoginModule. In sun.com.Security.Auth.Module, there are several LoginModule implementations such as JNDiloginmodule, Krb2LoginModule, UnixLoginModule, and NTLoginModule. Because the JAAS login structure system is scalable, you can almost all in any LoginModule module in the configuration file. The following is an example of a configuration file: mysample? {Com.sample.module.myloginmodule? Required? Debug = true;}; ???? Here, is the name of the login context environment (login? Context), when you generate one It will be incorporated into the constructor of LogInTex when the new logincontext begins to authenticate. According to the configuration block prompt, the text block reminds JaaS to be used to perform authentication during the login process. In addition, for loginmodule, any option regarding him can also be specified here. During the step of performing the steps of logging in, the CallbackHandler class is used by the LoginModule class to communicate with the user has facilitated authentication information. CallbackHandler class handles three types of callbacks: NameCallback, prompting users to enter a username; PasswordCallCack, prompt to enter a password; TextOutputCallback, report error, warning, or send some other information. ????? Authorization is to determine whether the user can perform some actions, such as accessing a resource. Because JaAs is based on the existing Java security model, this process is based on the policy. The policy configuration file has essentially contains a series of portions, such as "keystore" and / or "grant". ???? GRANT entry contains all permissions, he is aware of the authentication code or the law is granted to be safe and sensitive Operation, for example, access a specific web page or a local file. JAAS supports the rule-based strategic entrance, the basic format of the entrance is as follows:?
grant? Codebase? "codebase_URL"? Signedby? "signer_name," Principal? principal_class_name? "principal_name", Principal? principal_class_name? "principal_name", ...? {permission? permission_class_name? "target_name",? "action", permission? permission_class_name? "TARGET_NAME", "Action", ...} "Action" on the top of the "Action" may be required or may be ignored to depend on the permissions type. In the JAAS architecture, the policy object expresses a system security policy for a Java application environment and at any time in fact there is only one policy object. According to Java2? SDK documentation, the default policy implementation is Sun.Security.Provider.PolicyFile, where the policy is specified in one or more policy configuration files. • As long as the user is authenticated, authorize the occurrence of the Subject.doas method, or from the Subject class's static method DOASPRIVILEGED, the DOAS method uses the current AccessControlContext dynamics and child and simultaneously call the RUN method to perform the action, he leads to security verification. The authority verification process passes the following steps in Figure 2: ???? is like loginmodule, the policy is also a pluggable model. You can hang other policy implementations Change the Policy.Provider = Sun.Security.Provider.PolicyFile "in the property file in Java.Security? To a policy class that you use. • EXTEND? JAAS ???? JAAS is built at the top of the existing Java security model, which is implemented based on "CODesource" and flat text format policy files. This may be insufficient to enterprise applications, you might want to use customizable security warehouses. For JaaS, such as LDAP (light directory access protocol), database or other file system, it can be done by writing your own customizable module, thanks to JaaS's pluggable features. However, this requires a perfect understanding of the process in the module and JaAs, and you have to do many coded to overwrite the associated classes, and handle both configurations and policies. Ideally, we are willing to extend JAAS in a more easy way to make it only to develop and insert when a customary security knowledge base or different access control mechanism changes or must be increased. These different small modules (ie, adapters) adapt to these new changes and needs, and in the best case, do not have to understand and familiarize with the details of the JaaS processing process, we are also willing to do these changes only Change a configuration file. Another goal is that our JaaS extension component can be used in different J2EE applications - independent or Web. Figure 3 depicts the design intent of the JAAS extension component. Our JaaS extension group takes advantage of the JAAS plug-in architecture when achieving customizable LoginModule and policy modules. In these modules, we delegate a data request to the adapter. Each of these adapters is isolated for simple tasks such as data retrieving, so you can quickly use different security knowledge or algorithms to develop different adapters instead of trying to implement different loginmodule or policy modules, they are more complicated and needed. More efforts. You can come from www.sys-con.com/java/sourcec.cfm. Under complete source. • Implementation AuthloginModule class AuthorinModule class is our custom LoginModule implementation. The LoginModule class is a pluggable component in JaaS and serves two purposes: 1. Appraisal authentication users 2. If certified to public, use relevant responsibility People information or certificates update theme.
LoginModule has 5 ways to implement, let us pay attention to the login () method. This method is called to authenticate the theme and is mainly two things: 1. Contains username and password, typically, loginmodule to call the CallbackHandler class to get the username and password 2, pass and data source comparison passwords. LoginModule Remove the user name and password from Callbacks. (It defaults to a sort of user interfaces), this is a simple demonstration or in the command line, but he is not practical for a J2EE application, for example, for most web applications, usernames and passwords. The relatively typical is read from an Form. In this case, it is difficult to use Jaas certification. Considering that we don't directly use the LoginModule, the solution is to implement a customable CallbackHandler class. He receives the username and password and then submits them to loginmodule, so he does not need to prompt user input information The following example shows how user information is transmitted from JSP or Servlet. :
? String userName = request.getParameter ( "user");??? String password = request.getParameter ( "password");???? LoginContext context = new LoginContext ( "MySample", new AuthCallbackHandler?????? (username,? password); ???? Once you have username and password in your hand, Authloginmodule class, our custom implementation of our LoginModule class, will instantiate LoginsourceAdapter via loginsourceadapterfactory and delegate actual authentication procedures to resource adapters. The adapter is just a simple class that receives user information from a specific data adapter (such as a database or LDAP, or some other system). In the "Submit" phase, the AuthloginModule class retrieves the relevant information from the LoginsourceAdapter class and associates them with the topic. LoginsourceAdapter class ???? LoginsourceAdapter class is an interface of a resource adapter for authentication purposes. It has four methods that need to be implemented: 1, Void? Initialize (HashTable? Parameters): The Initialized method is called to initialize the adapter in the relevant parameter. This method is called immediately after the object is generated and is preferred in any call to other methods. 2, boolean? Authenticate (String? Username, char []? Password): This authentication method is called to authenticate the user. 3.?string []?getgroupnames? (String?Username ):GetGroupNames method is called to get the relevant main information after the authentication is successful. 4.?void?terminate? (): This method is called after the LoginModule class is executed, which makes some opportunities for cleaning work to the adapter. Authpolicy class ???? Under the JaAs architecture, the security policy is processed by the java.secureTy.Policy?, He will prove that it is given to a specific code source or a number of permissions. Just as discussed in the previous paragraph, Sun.secureTy.Provider.PolicyFile is its default implementation. PolicyFile class uses a flat text file to prove the correspondence between permissions and code sources, which may not be too good for enterprise-class applications. A focal system such as a relationship database that supports role-based security will be better. Obviously, extended JAAS authorization to handle different security tags of different sources, we need to write our own strategy implementation. The steps to generate a custom strategy implementation are as follows: • Extend Java.SecureTy.Policy class • Implement the getPermissions () method • Implement the refresh () method.???? If you see the implementation of our custom policy class, you may pay attention Go to our AuthPolicy class to be born in Sun.Security.Provider.PolicyFile instead of java.security.policy.? Why? First, I want to implement the AuthPolicy class as a generic POLICY class, which can handle the default policy class does not need to be intervene in any adapter. By from the PolicyFile class, we do not need to implement policy file resolution and other related code. At the same time, if the party application runs in a safe manager, some permissions, such as the DOASPRIVILED? AUTHPERMISION class, and the FILEPERMISSION (in order to load the configuration file), need to be empower to perform Jaas. Of course, these Permissions can be stored in the data source, but they may be more beneficial in placing them in a standard Java security policy file. However, for regular development, you should implement an adapter to cope with these things.
The same design mode is followed when expanding authentication. Our policy clauses are requested in the PermisssionAdapter class. In the permissions class, the different permissions are saved in their own PermissionCollection class instance. If you create a custom permission class, you need to generate your own permissioncollection class type, otherwise You cannot guarantee that your permissions will be referred to confirmation. PermissionAdapter class ???? PermissionAdapter class is an interface of the authentication process pluggable module in our JaaS extension component. It evaluates policies from a specific data source and distributes a PERMISSIONCOLECTION class that contains a set of permissions that has been given. The PermissionAdapter class interface has the following method: •? Void? INITIALIZE? (HashTable? Initialize): The initialize method is called to initialize the adapter in the relevant parameter. This method is immediately called and is preferred in any other method. At the same time, it will also be called after the refresh method of the Policy class. • PERMISSIONCOLLECTION? GETPERMISSIONS? (ProtectionDomainDomain): • This method will be called as long as some principal permissions are requested. As an example, let's see how to implement a role-based PermissionAdapter class. Suppose there are three roles: administrators, users, and guests have different permissions, and all permissions information is stored in the database. ???? First, in the initialize method, we will acquire all roles from the data and assemble into the collection class, such as HashTable. Next, in the getPermissions method, we will collect the relevant authority (This is only the role-based access control) and returns them. Note that we can get the relevant subject by calling the GetPrincipals method for the ProtectedDomain class. It is so simple, isn't it? Jaasutil class ???? For our JaaS extension component JaaSutil class is the primary link, and it has a constructor to get the username and password. There are two key methods: 1. ? Boolean? Authenticate () 2. • Boolean? checkpermission (Subject? Subject, Final? Permission? Perm) ???? JaAsUTIL class actually delay the login request of the LoginContext class and the permission check step for the SecurityManager class. ? Listing? 1? Show how to use the JaAsutil class. This code first acquires username and password from the HTTTPServletRequest class and tries to authenticate users. Then it detects whether the user has permission to access "EditReg.jsp". Configuration ???? Now we have its own custom LoginModule, Policy and other related modules implementation . These modules can entrust relevant data requests to the appropriate adapter; this is a good thing. However, in the JAAS structure, the LoginModule class and the Policy class will never be called directly by the application, so how do we know that the adapter should be firm and how to transfer the required parameters or information, such as data connection, give the adapter? The answer is that the adapter can be dynamically configured by updating an XML profile. This XML configuration file consists of two main data segments: 1, this segment defines various possible input parameters that the login source adapter and the authentication process need.
2,
: Various possible input parameters of the content definition of this segment
You can develop which LoginsourceAdapter class and PermissionAdapter classes that use it. It is also possible to deliver additional information in the configuration file. Let the Jaasutil class know that there are two ways to find a configuration file:
1. Develop a configuration file via the command line attribute switch:? - DCon.Auth.config2, call the JaaSutil.SetConfigfile (Configfile) method.
???? When you deploy a JAAS extension component, this custom security policy class file must be added to the Java JRE / LIB directory, which will cause policy class files to load their load by the Bootstrap class. Otherwise, even if you place the policy file in your Java classpath, it will not be checked out and the SUN defaults the policy class provided will be replaced.
to sum up
Extending Jaas is not difficult. The JAAS structure is provided to customize the flexibility of implementing authentication and authorization processes. Understanding how these processes work is to know how to replace your own implementation. In this article, we revisit JaaS foundation and check how to extend JAAS to make a framework that makes a more dynamic, flexible, and scale-up feature. With this expansion framework, you can easily generate your own login and access control mechanisms to support your own enterprise level security needs, you can also support emerging security standards, or balance your existing or custom security model as an adapter, then Hot swaps them into Jaas. This should be able to give your business app to provide a standard-based highly customized authentication and authorization process.
References
•? Jaas? Reference? Guide? For? The? Java? 2? SDK,? STANDARD? Edition,
v? 1.4:?
http://java.sun.com/j2se/1.4.1/docs/guide/security/
Jaas / jaasrefguide.html # policy
•? Jaas? Loginmodule? Exveloper? Guide:
http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/
Jaaslmdevguide.html # login
•? LAI,? C.,? Etc in "user? Authentication? And? Authorization? In
Java? Platform. "? Proceedings? Of? The? 15th? Annual? Computer
Security? Application? Conference,? Phoenix,? AZ.? DecEmber
1999:?
http://java.sun.com/security/jaas/doc/acsac.html
•? Sun? MicroSystems,? Inc. "DEFAULT? Policy? Implementation
And? policy? File? Syntax. "? Technical? Report:
http://java.sun.com/j2se/1.4.1/docs/guide/security/policy
FILES.HTML
Reference Resources: Participate in the Forum Discussion: http://www.matrix.org.cn/forum.asp More Technical Articles: http://www.matrix.org.cn/Article.aspmatrix Java Portal: http: // www . matrix.org.cn Original Address: http://www.matrix.org.cn/Article/638.html