PDA

Click to See Complete Forum and Search --> : UnixLoginModule how do I force it to ask for username, and password

Piko
01-30-2006, 09:37 PM
com.sun.security.auth.module.UnixLoginModule

Alright I now know this jaas login module can give you all the information about the current user who ran the java application, but I don't want that.

I want it to use the password, and username, and check those to see if they are correct. Right now it ignores the Username, and Password values, and spits up the user I'm logged in as, and not the one logging in as.

If someone could explain how my jaas config file should look that would help, or if someone could point to an example of Unix/Linux authentication modules.

Trying to replace a hacked up C Wrappered PAM based Login module, with something pure java.
voidinit
01-31-2006, 02:42 AM
com.sun.security.auth.module.UnixLoginModule

Alright I now know this jaas login module can give you all the information about the current user who ran the java application, but I don't want that.

I want it to use the password, and username, and check those to see if they are correct. Right now it ignores the Username, and Password values, and spits up the user I'm logged in as, and not the one logging in as.

If someone could explain how my jaas config file should look that would help, or if someone could point to an example of Unix/Linux authentication modules.

Trying to replace a hacked up C Wrappered PAM based Login module, with something pure java.


It should go something like this:



CallbackHandler ch = null;

public void initialize(Subject subject, CallbackHandler ch, Map sharedState, Map options){
this.ch = ch;
.......
}

public void login() throws LoginException {

String username = null;
char[] password;

if(ch == null){
throw new LoginException(.......);
}

NameCallback nc = new NameCallback("Login Name:");
PasswordCallback pc = new PasswordCallback("Enter Password:", false);
Callback[] callbacks = { nc, pc };
try{
ch.handle(callbacks);
username = nc.getName();
password = pc.getPassword();
}catch(IOException e){
.......
}catch(UnsupportedCallbackException e){
.....
}
}




The only JAAS framework that I've worked with much is JBoss JAAS implementation. You need to make sure that your JAAS framework and application will support the callbacks. They *should*.