JAAS in EAServer  JAAS for connectors

Chapter 11: Using the JAAS API

JAAS on the client

EAServer includes a JAAS login module com.sybase.jaguar.security.auth.module.JaguarLoginModule. It uses the JAAS callback mechanism to obtain the client’s user name and password and generate credentials.The credentials are passed to the server when the client attempts to invoke any component on the server. This login module must be used if you want your EJB client or Java CORBA client to obtain credentials from the user using JAAS.

StepsTo enable JAAS on the client:

  1. Make sure a login module is defined in the JAAS configuration file that requires com.sybase.jaguar.security.auth.module.JaguarLoginModule, for example:

    /*
    This section can be used by Jaguar clients which invoke
    JaguarLoginModule to setup proper credentials.
    */
    JaguarClient{
      com.sybase.jaguar.security.auth.module.JaguarLoginModule required
      debug=true;
    };
    
  2. Set the name of the JAAS configuration file in the Java interpreter’s -Djava.security.auth.login.config property on the client’s machine.

  3. Create an instance of the login module, using code like this. In this fragment, JaguarClient is the name of the the name of the JAAS configuration section that requires the module com.sybase.jaguar.security.auth.module.JaguarLoginModule:

    LoginContext lc = null; 
    try { 
    lc = new LoginContext("JaguarClient", new MyCallbackHandler()); 
    } catch (LoginException le) { 
    System.err.println("Cannot create LoginContext. "
    + le.getMessage()); 
    System.exit(-1); 
    } catch (SecurityException se) { 
    System.err.println("Cannot create LoginContext. " + se.getMessage()); 
    System.exit(-1); 
    } 
    Initial Context ic = new InitialContext(); 
    ... regular code to look and invoke methods on an EJB. 
    




Copyright © 2005. Sybase Inc. All rights reserved. JAAS for connectors