Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Setting JAAS Configuration file programmatically

 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I was wondering if there was a way of setting the JAAS configuration programmatically. What I mean is that instead of having some jaas.conf file that specifies, say:

SampleLogin {
Krb5LoginModule required debug=true;
};

if there is a way to set it in the code. As far as I'm concerned, the LoginContext just takes the jaas.conf file and creates a Configuration out of it. I've tried to create a Configuration object with the necessary parameters in my code, but I have failed miserably.

Also, right now I'm running my code with some flags like "-Djava.security.etc=some_stuff".. Is there a way to specify these in the code too?

Any help much appreciated!
 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Alright... For the second question I can just use System.setProperty()

Does anyone know anything about the first question?
 
K Aditi
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Will storing the configuration in database instead of a flat file going to serve your purpose?In this way you can dynamically set the configuration.You can extend the javax.security.auth.login.Configuration class for this purpose.
[ June 19, 2008: Message edited by: K Aditi ]
 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hmmm... I didn't quite understand.. Can you provide more details?

That would be better, but I want to avoid accessing a file system as much as possible.

Thanks!
 
K Aditi
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to avoid accessing a file system as much as possible.

Hmmm...I am afraid, what I had in mind will not help you much. Anyways what I meant was, you can extend the javax.security.auth.login.Configuration class such that it reads the configuration from the database which is usually stored in .conf flat file.

By the way if you "store" the configuration in your code, it will have to be compiled every time for a small change.I hope you have considered that point.

Hope this helps.
 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hmm.. I'm still a bit confused. Let me try to explain myself better and please correct any wrong assumptions I've made.

As the javax.security.auth.login.Configuration javadocs state, at any given time, there is one Configuration object installed. I assume that this Configuration object is constructed by taking the configuration file (by accessing the java.security.auth.login.config java property) and parsing it.

If this is correct, then I should also be able to create a Configuration object named myConf, and then call Configuration.setConfiguration(myConf).

So, how do I create a Configuration?

First of all, Configuration is an abstract class, so rather than coding up my own implementation, I would prefer to use the existing one--the one LoginContext reads. Do you know which class this is?

However, creating an entirely new Configuration might have undesired effects. Thus, I would prefer to modify the existing Configuration. Supposedly, I can access the existing configuration by calling Configuration.getConfiguration(), but I keep getting a NullPointerException when I try to do that... I've also been unable to create a new Configuration by calling the Configuration.getInstance() method.

Any thoughts?
 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Problem solved.

I implemented MyConfig extends Configuration, and then passed an instance of it to the constructor of the LoginContext.

Thanks!
 
K Aditi
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Now I am a bit confused here.
I implemented MyConfig extends Configuration, and then passed an instance of it to the constructor of the LoginContext.

But LoginContext does not take Configuration as an argument in its constructor.Did you extend LoginContext too?Just curious to know, does the LoginContext gets instantiated?
 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Yes, the LoginContext can be instantiated with a Configuration. In fact, it has 4 constructors. Altogether, you can specify: the entry name in the configuration, a Subject, a CallbackHandler, and a Configuration.
 
Ed Zeval
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Oh... I see where your confusion comes from.

The LoginContext javadocs you just posted are from Java 1.4.. If you look at the Java 6 docs (here) you'll find the constructor I just talked about.
 
K Aditi
Ranch Hand
Posts: 89
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Ed. I should have checked the latest specs.
[ June 26, 2008: Message edited by: K Aditi ]
 
Juanjo Cuadrado
Greenhorn
Posts: 18
Eclipse IDE Firefox Browser Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ed Zeval wrote:... and then passed an instance of it to the constructor of the LoginContext.


I'm sorry but I do not understand how you can call this constructor of the LoginContext.... Can you help me, please?
 
priya sti
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Hi Ed Zeval ,

Could you please explain in detail how you have extended Configuration class and what configurations you have provided to it.
thanks !

regards,

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic