wood burning stoves 2.0*
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes SCEA 5/1-  JAAS question Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "SCEA 5/1-  JAAS question" Watch "SCEA 5/1-  JAAS question" New topic
Author

SCEA 5/1- JAAS question

Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290
Does JAAS (in Java 5 EE model) support or not SSO ?

tkkks in advance!


SCJP | SCWCD | SCBCD | SCWSD 5 | SCEA (I) 1.4 | SCEA 5 | IBM SOA 669
Farbod H Foomany
Ranch Hand

Joined: Feb 29, 2008
Posts: 63
Hi,
You can implement SSO using JAAS and EE 5 offers some helps by giving implementation of Kerbero based login in Krb5LoginModule:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/module/Krb5LoginModule.html
See these links:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jgss/single-signon.html
http://www.ibm.com/developerworks/java/library/j-gss-sso/
http://www.ibm.com/developerworks/web/library/wa-singlesign/
Best Regards
Farbod
Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290
Hi farbod, these are excelent samples...took a look at some of them..but my question is simpler...

just want to understand if JAAS API itself does support SSO or not..... ( or is this accomplished by using SAML ? ).

Because I've already answered some mock exams which mention that JAAS does NOT support SSO...and after that I ready and responded other ones which say that JAAS DOES support SSO.

got a little confused with.


Tks in advance!!!

tkks!
Jimmy Clark
Ranch Hand

Joined: Apr 16, 2008
Posts: 2187
The Java Authentication and Authorization Service API can certainly be used to implement single sign-on functionality. The correct answer to a question about whether this API supports single sign-on functionality is yes.
Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290
OK, tks James!!
Farbod H Foomany
Ranch Hand

Joined: Feb 29, 2008
Posts: 63
Hi,
I agree with both YES and NO I am not sure SSO is an out of the box option. but 'supports' ? yes it supports.
Look at so many products that have implemented SSO, oracle JSSO for example and identity management.
It seems that SSO is not a requirement for JEE compatible application server. But easy to implement using Krb5LoginModule.
SAML facilitates SSO for web services. SSO's Kerberos tokens are a bit different from SAML tokens.
Regards
Farbod

P.S. I was thinking to myself if I were supposed to go to heaven or hell based on this answer, which one I would choose. I think I would linger there forever!
[ May 07, 2008: Message edited by: Farbod H Foomany ]
Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290
Originally posted by Farbod H Foomany:
[QB]Hi,
I agree with both YES and NO I am not sure SSO is an out of the box option. but 'supports' ? yes it supports.
Look at so many products that have implemented SSO, oracle JSSO for example and identity management.
It seems that SSO is not a requirement for JEE compatible application server. But easy to implement using Krb5LoginModule.
SAML facilitates SSO for web services. SSO's Kerberos tokens are a bit different from SAML tokens.
Regards
Farbod


No..that's fine Farbod..

It makes sense! In short then :

JAAS DOES support SSO.
SSO easy to be implemented by JAAS using kerberos.
SAML = SSO for web services.
SSO is not a requirement for JEE compatible application server.

anything else?

tks!!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SCEA 5/1- JAAS question
 
Similar Threads
Security frameworks for application frameworks
user maintenance
JAAS
JAAS
JAAS Authentication Entries Where are they stored...!!