Saturday, 15 July 2017

Specifying jaas configuration file location in java security file

In my previous post, I explained how to set the JAAS configuration file using the 'System.setProperty' method.

Ex:
System.setProperty("java.security.auth.login.config", "jaasAuth.config");

We can also set the JAAS configuration file in the java.security file.

Where is my java security file located?
The ‘java.security’ file is located in the following directory.
${JAVA_HOME}\jre\lib\security

In my case it is located in ‘C:\Program Files (x86)\Java\jdk1.8.0_102\jre\lib\security’.

Open the ‘java.security’ file in Notepad and add the following statement to it.

login.config.url.1=file:C:/Users/krishna/workspace1/jaas_tutorial/jaasAuth.config

‘file:C:/Users/krishna/workspace1/jaas_tutorial/jaasAuth.config’ is the location of the JAAS configuration file.

Note
Use ‘/’ not ‘\’ while adding the path.

The complete working application is below.

jaasAuth.config
JaasTutorial{
 com.smaple.login.BasicLoginModule required;
};

BasicAuthCallbackHandler.java
package com.sample.handler;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

public class BasicAuthCallbackHandler implements CallbackHandler{

 
 @Override
 public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  NameCallback nameCallBack = (NameCallback)callbacks[0];
  PasswordCallback passwordCallback = (PasswordCallback)callbacks[1];
  
  BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
  
  System.out.println(nameCallBack.getPrompt());
  nameCallBack.setName(br.readLine());
  
  System.out.println(passwordCallback.getPrompt());
  passwordCallback.setPassword(br.readLine().toCharArray());
  
 }

}

BasicLoginModule.java
package com.smaple.login;

import java.io.IOException;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class BasicLoginModule implements LoginModule {

 private String username = "krishna";
 private String password = "krishna";
 CallbackHandler callbackHandler;

 @Override
 public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
   Map<String, ?> options) {
  this.callbackHandler = callbackHandler;
 }

 @Override
 public boolean login() throws LoginException {
  Callback[] callbackArray = new Callback[2];

  callbackArray[0] = new NameCallback("Enter logon id:");
  callbackArray[1] = new PasswordCallback("Enter password:", false);

  try {
   callbackHandler.handle(callbackArray);
  } catch (IOException | UnsupportedCallbackException e) {
   e.printStackTrace();
   throw new LoginException(e.getMessage());
  }

  String logonId = ((NameCallback) callbackArray[0]).getName();
  char[] passwordArr = ((PasswordCallback) callbackArray[1]).getPassword();
  String password = new String(passwordArr);

  if (username.equals(logonId) && this.password.equals(password)) {
   System.out.println("Login successful");
   return true;
  }

  throw new LoginException("Logon failed");
 }

 @Override
 public boolean commit() throws LoginException {
  return true;
 }

 @Override
 public boolean abort() throws LoginException {
  return false;
 }

 @Override
 public boolean logout() throws LoginException {
  return true;
 }

}


Test.java
package com.sample.app;

import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

import com.sample.handler.BasicAuthCallbackHandler;

public class Test {

 public static void main(String args[]) {
  LoginContext loginContext = null;

  try {
   loginContext = new LoginContext("JaasTutorial", new BasicAuthCallbackHandler());
  } catch (LoginException e) {
   // TODO Auto-generated catch block
   e.printStackTrace();
   return;
  }

  try {
   loginContext.login();
  } catch (LoginException e) {
   // TODO Auto-generated catch block
   e.printStackTrace();
  }
 }
}

Run Test.java and provide ‘krishna’ as both the username and the password; you will see the following output.
Enter logon id:
krishna
Enter password:
krishna
Login successful


Run Test.java and provide a username and password other than 'krishna'; you will see the following output.
Enter logon id:
krishna
Enter password:
aa
javax.security.auth.login.LoginException: Logon failed
 at com.smaple.login.BasicLoginModule.login(BasicLoginModule.java:50)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
 at com.sample.app.Test.main(Test.java:22)

This is a continuation of my previous posts; I recommend going through the post below before reading this.

Can I add multiple authentication config files in the java.security file?
Yes, you can. In the end, the Java runtime combines all of them into one.

Ex:
login.config.url.1=file:C:/Users/krishna/workspace1/jaas_tutorial/jaasAuth1.config
login.config.url.2=file:C:/Users/krishna/workspace1/jaas_tutorial/jaasAuth2.config
login.config.url.3=file:C:/Users/krishna/workspace1/jaas_tutorial/jaasAuth3.config
login.config.url.4=file:C:/Users/krishna/workspace1/jaas_tutorial/jaasAuth4.config
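
To confirm which files the runtime was told to load and what the combined configuration resolves to, the following added example (not part of the original post) lists the login.config.url.N entries and prints the login modules configured for the JaasTutorial entry. The class name JaasConfigAudit is an assumption; the code uses only the standard java.security and javax.security.auth.login APIs and assumes the JDK's default file-based configuration provider.

```java
import java.security.Security;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;

// Added example: the class name JaasConfigAudit is an assumption, not from the post.
public class JaasConfigAudit {

    public static void main(String[] args) {
        // Entry name to inspect; "JaasTutorial" is the one used in jaasAuth.config.
        String appName = args.length > 0 ? args[0] : "JaasTutorial";

        // The default provider reads login.config.url.1, .2, ... in order and
        // stops at the first index that is missing, so a gap hides later files.
        for (int n = 1; ; n++) {
            String url = Security.getProperty("login.config.url." + n);
            if (url == null) {
                System.out.println("login.config.url." + n + " not set, numbering ends here");
                break;
            }
            System.out.println("login.config.url." + n + " = " + url);
        }

        // The system property from the previous post is read as well.
        System.out.println("java.security.auth.login.config = "
                + System.getProperty("java.security.auth.login.config"));

        // Ask the runtime for the combined configuration it actually built.
        Configuration config;
        try {
            config = Configuration.getConfiguration();
        } catch (SecurityException e) {
            System.out.println("JAAS configuration could not be loaded: " + e);
            return;
        }

        AppConfigurationEntry[] entries = config.getAppConfigurationEntry(appName);
        if (entries == null) {
            System.out.println("No entry named " + appName + " in the combined configuration");
            return;
        }
        // Print module class and control flag; option names only, since option
        // values can hold secrets such as keystore passwords.
        for (AppConfigurationEntry entry : entries) {
            System.out.println(appName + ": " + entry.getLoginModuleName()
                    + " [" + entry.getControlFlag() + "] options=" + entry.getOptions().keySet());
        }
    }
}
```

Run it with the same JVM that runs Test.java, since each JRE installation has its own java.security file.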




