jaas, authenticate application users on a database table
I want to know the simplest way to authenticate an application u开发者_StackOverflowser on a database table using jaas.
Since a database table with username/hashed password is probably the most common solution, is there a "provided" LoginModule for this kind of auth?The JDBCRealm support in Tomcat 6, comes out-of-the-box. This is probably sufficient for most needs. Note, that Tomcat also provides the DataSourceRealm to allow for authentication via a JNDI based JDBC datasource; this is better suited for applications that need a dedicated connection pool to access the authentication data source. Note that the realm implementations support the use of digested/hashed passwords; but not by default. This would require additional configuration via the digest attribute of each realm.
Glassfish also supports authentication of principals using a JDBC realm. Details for creating the realm can be found in the Glassfish Administration Guide. The guide might provide pitiful documentation on the allowed values for managing the realm - you'll these in a blog post.
If you are looking for ways to manage the underlying users in the realms, then most/all containers do not come with management tools for the same. You would have to write these tools on your own.
Also, if you wish to support digest algorithms not supported by these Realm implementation, or have the implementations work in a different manner (like adding a salt to the password, or locking out users based on a policy), then you'll need to roll out your own implementations.
Now, if you wish to use these in your application, this is usually done by specifying the realms in the appropriate deployment descriptor of your application. Assuming this is a web application, you can specify the realm used (for form, basic and digest authentication schemes) in the web.xml file.
精彩评论