Stack Overflow
Stack Overflow

Questions tagged [jaas]

JAAS is the Java Authentication and Authorization Service found in the JRE (1.4+).

The Java Authentication and Authorization Service (JAAS) is a Java security framework for user-centric security to augment the code-based security. Since JRE 1.4, JAAS has been integrated with the - previously JAAS was supplied as an extension library by Sun.

The main goal of JAAS is to separate the concerns of user authentication so that they may be managed independently. While the former authentication mechanism contained information about where the code originated from and who signed that code, JAAS adds a marker about who runs the code.

By extending the verification vectors JAAS extends the security architecture for Java applications that require authentication and authorization modules.

Useful Links:

937 questions
7
votes
1 answer

JAAS authentication in JMS using WildFly : javax.jms.JMSSecurityException: HQ119032: User: null doesnt have permission=SEND on address {2}

Using WildFly 9.0.2 final, the section is defined in standalone-full.xml as follows. Sections like , and are completely omitted as I did not change anything in them.
Tiny
  • 27,221
  • 105
  • 339
  • 599
7
votes
0 answers

Perform action after the j_security_check?

I'm doing an audit system that logs user actions. I need to record when a user performs a login. I searched different places but I always end up running into the same solution, use "filters". The above solutions do not work for me. There are no…
Crapo Wolf
  • 2,241
  • 2
  • 11
  • 20
7
votes
1 answer

Warning: JACC: For the URL pattern xxx, all but the following methods were uncovered: POST, GET

In javax.faces.webapp.FacesServlet docs, it is mentioned, Allowable HTTP Methods The JSF specification only requires the use of the GET and POST http methods. If your web application does not require any other http methods, such as PUT and…
Tiny
  • 27,221
  • 105
  • 339
  • 599
7
votes
2 answers

How does keytab work exactly?

i have some questions on using keytab for Authentication hope the kind people here can enlightend me Say, i have userA who is going to use a service running at port 1010. First, userA will login to Active Directory to authenticate himself. After…
dorothy
  • 1,213
  • 5
  • 20
  • 35
7
votes
1 answer

Password Encryption Algorithm in Glassfish 4

I've recently updated Glassfish from 3.1.2 to 4.0 and wanted to set up a JDBCRealm that I used before on my app which uses FORM based authentication. The passwords are hashed with SHA-256 in the database (that is the default Digest Algorithm…
apcuk
  • 194
  • 1
  • 12
7
votes
2 answers

Glassfish 4 - JDBC Realm

What's the difference between the Password encryption algorithm and the Digest Algorithm in Glassfish 4? Because Password encryption algorithm cannot be blank, I used MD5, and for Encoding, Hex. The Digest Algorithm is blank, so the default is…
Arnold Galovics
  • 3,246
  • 3
  • 22
  • 33
7
votes
2 answers

Login a user programmatically via JAAS

I'm trying to run code within JBoss Container under a different authentication by programatically logging in a user like that (stripped exception handling): LoginContext ctx = ctx = new LoginContext("MyLoginSchema", new…
roehrijn
  • 1,387
  • 1
  • 11
  • 20
6
votes
3 answers

JBoss JAAS custom Login Module Error messages

I have an application that makes used of a custom login module of JBoss. Authentication can fail for a wide variety of reasons and i have to display these to the user instead of the usual Inavlid username / password error. Is there a way to get…
n002213f
  • 7,805
  • 13
  • 69
  • 105
6
votes
3 answers

What's the point of JAAS

What's the point of JAAS if I have to write my own {whatever}LoginModule and everything else?
pitr
  • 715
  • 1
  • 8
  • 25
6
votes
1 answer

Updating the kerberors krb.conf file using "java.security.krb5.conf" System.property() is not working

I want to point to a different krb.conf file, dynamically, without restarting the JVM. I have searched through different solution on Stackoverflow and tried to implement the solution accordingly. But some how, even if I update the…
theimpatientcoder
  • 1,184
  • 3
  • 19
  • 32
6
votes
2 answers

'SEVERE: SAAJ0009: Message send failed error' while sending a message

Feb 8, 2011 11:56:49 AM com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPC onnection post SEVERE: SAAJ0009: Message send failed com.sun.xml.internal.messaging.saaj.SOAPExceptionImpl: java.security.PrivilegedA ctionException:…
prathyush
  • 77
  • 1
  • 2
  • 10
6
votes
1 answer

How to access authentication alias from EJB deployed to Websphere 6.1

I need to provide password for keystore in my EJB but I don't want it to be visible to developers. My idea was to create Authentication Alias in Websphere Console and later lookup for MY_ALIAS and obtain password from alias. I found some discussion…
igor.beslic
  • 954
  • 2
  • 9
  • 16
6
votes
2 answers

zookeeper sasl authentication issue

I am trying to have setup SASL authentication for my zookeeper for Kafka. I followed all the steps mentioned in below link https://cwiki.apache.org/confluence/display/ZOOKEEPER/Client-Server+mutual+authentication Below is my server_jaas.conf file…
yogita sharma
  • 61
  • 1
  • 3
6
votes
1 answer

Passing 'password expiration' information from Wildfly Server authentication module to remote EJB client

We have a Wildfly 10 JEE application and a java fat client that uses remote EJ calls to communicate with the server. Authentication is done using a custom login module in the wildfly server. Now we have the requirement to enhance this login module…
woelfle
  • 557
  • 1
  • 7
  • 23
6
votes
0 answers

Angular2 - unable to get Set-Cookie from auth. response (jaas, wf)

Iam trying to authenticate from Angular2.1.0 to JAAS form-based j2ee app on WildFly 8.2 let j_username = 'sb2'; let j_password = 'sb222'; let url: string = 'http://127.0.0.1:8888/prototype-rest/j_security_check'; let…
eriskooo
  • 189
  • 2
  • 5
1 2 3
62 63