wood burning stoves 2.0*
The moose likes Security and the fly likes Authenticating a password Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Authenticating a password" Watch "Authenticating a password" New topic

Authenticating a password

Rishi Shah
Ranch Hand

Joined: Sep 05, 2012
Posts: 43

I have a central admin instance of an app where judge accounts are created. In order to use this judge account, a judge instance of the app from another computer needs to authenticate with the central admin. A user instance of the app will send something to the admin, who will push it off to one of the judges.

The judges need to be able to login and authenticate with the admin. The main problem is that since every one will be on the same network and without SSL (I have no control over this) someone could sniff whatever the judge sends to the admin, and send that data himself and become authenticated as a judge.

If SSL is really the correct way to do this, then is there a way to use it without the end user having to manually do anything? I am using Socket based communication.
Rishi Shah
Ranch Hand

Joined: Sep 05, 2012
Posts: 43

I posted the "user-friendly SSL?" worry I had on StackOverflow, and got a good answer: http://stackoverflow.com/questions/12339616/java-ssl-certificate
I agree. Here's the link: http://aspose.com/file-tools
subject: Authenticating a password
Similar Threads
how to use Spring with LDAP
Incentive to non- sheriff's and non-moderators
cant find methods
who do YOU think will win the WorldCup?
RESTful architecture for integration of government information?