File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Java in General and the fly likes Interoperability UNIX and Java Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Interoperability UNIX and Java" Watch "Interoperability UNIX and Java" New topic

Interoperability UNIX and Java

vik nuckchady

Joined: Apr 25, 2001
Posts: 25
I am trying to build an intranet using J2EE. However i was thinking of leavig the access control management to UNIX since it has a strong track record in terms of security. The idea is to let UNIX decide whether a user belonging to some group can have access to the document (object in question).
This idea derives from the possiblity of making system calls as in a CGI approach. i know this defeats some very important rules laid down by Sun.
i would really appreciate any criticism or ideas of how to go about.
Thanks in advance.
Regards Vik
Rob Acraman
Ranch Hand

Joined: Dec 03, 2000
Posts: 89
Interesting project. I'm no great expert, but I'll throw my 2-cents in for what it's worth
Offhand, I reckon you wouldn't be able to use Unix security.
Picture this: Your users are on their PCs hitting your intranet through their web-browsers. What's happening at the server end? Answer: the client's requests are being handled by your web-server.
And that's the problem. Your WebServer is a single process, with its own user-id and protection. Unix security never sees the "remote" user-id, and it doesn't have the faintest idea which user the web-server is servicing at the moment.
In fact, of course, the WebServer could very well be servicing a user that doesn't even have a logon id on the unix box (just like you don't have a logon id at the machine that's hosting JavaRanch).
The closest you can get to it is that you can get the WebServer to prompt for a login against one of its own user-ids, and that enables users to access various directories protect by the ".htaccess" files. Of course, ".htaccess" is a filename coded into the WebServers, not Unix.
I agree. Here's the link:
subject: Interoperability UNIX and Java