File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Manage user account in unix

 
Donald Fung
Greenhorn
Posts: 18
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I'm developing a web(servlet + JSP) for displaying the system. And I was told to create a web for user to create/update/delete UNIX OS account.

There are two ways to do:
1) Write a shell script and call runtime to execute it. However, it's very dangerous that everyone can use 'ps' to see the background process(eg, passing password to shell script in command).

2) Modify the telnet class from apache.org. However, I found it requires well-define all interaction(text stream output, such as duplicate user) from the UNIX.

Which one is better to achieve it?

[ May 03, 2005: Message edited by: Donald Fung ]
[ May 03, 2005: Message edited by: Donald Fung ]
 
M Beck
Ranch Hand
Posts: 323
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
every Unix-like operating system already has command-line utilities for creating and removing user accounts; tools like "useradd", "adduser", and the like. find out what's available on the machine you want to add users on, and how to run them, then invoke those from your Java program. trust me, it's much better to use just one, single, standard tool for every user account and every new way to add new user accounts.

as for passing passwords on the command line, there are two points:
(1), for security, a new account should be created with an already expired password that the user will have to change the first time they log in;
(2), many of the pre-made tools i mentioned are command-line interactive, i.e., they ask questions as they go along. write your Java program such that it reads the output of these tools as they run and write suitable responses (including passwords) over a file descriptor to these tools' input. then your command line can be left mostly or wholly empty.

[edited: spelling & grammar]
[ May 03, 2005: Message edited by: M Beck ]
 
Layne Lund
Ranch Hand
Posts: 3061
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To me, this task seems ill suited for Java because it is so platform specific. Is it possible for you to write this in some other language? My first idea was to write a CGI script in C++, but that seems VERY unsafe. In fact, user management over the Internet seems like a security hole, even if you use encryption, like SSL.

I'm mostly just thinking out loud here with the hope that it will spark some ideas for you. I'm sorry that I can't answer your question directly.

Layne
 
M Beck
Ranch Hand
Posts: 323
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i pretty much assumed that this was an exercise in some systems administration class, since there's little to no reason to reinvent this particular wheel any longer; web-based administration tools for Unix are a dime a dozen, and many of them are free. webmin comes to mind.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic