Skip to main content

JAAS

JAAS protects the system from users by allowing or denying access based upon who or what runs the program. JAAS can simplify your Java security development by putting an abstraction layer between your application and disparate underlying authentication and authorization mechanisms. This independence from platforms and algorithms allows you to use different security mechanisms without modifying your application-level code. As with most Java security APIs, JAAS achieves this implementation-independence through an extensible framework of pluggable service provider interfaces (SPIs): a set of abstract classes and interfaces to which specific implementations are developed. JAAS can perform both authentication and authorization. Using JAAS authentication from your application typically involves the following steps:

Steps to create
ü  Create a LoginContext
ü  Optionally pass a CallbackHandler to the LoginContext, for gathering or processing authentication data
ü  Perform authentication by calling the LoginContext's login() method
ü  Perform privileged actions using the returned Subject (assuming login succeeds)   Underneath the covers, a few other things occur:

During initialization,
ü  the LoginContext finds the configuration entry "MyExample" in a JAAS configuration file (which you configured) to determine which LoginModules to load (see Figure 2)[JAAS.CONF]
ü  During login, the LoginContext calls each LoginModule's login() method
ü  Each login() method performs the authentication or enlists a CallbackHandler
The CallbackHandler uses one or more Callbacks to interact with the user and gather input
A new Subject instance is populated with authentication details such as Principals and credentials

FLOW OF EXECUTION: Any class that implements javax.security.auth.callback.CallbackHandler interface. javax.security.auth.callback.

 CallbackHandler has only one method which we can use to provide a password for a given identifier. These passwords may be retrieved from a database, from a protected configuration file or the password callback handler may even delegate this functionality to some other component within the application like a user manager component, where the user management functionality is centralized.
--> -->

Comments

Post a Comment

Popular posts from this blog

Microservices Design patterns

What are microservices? Microservices - also known as the microservice architecture - is an architectural style that structures an application as a collection of services that are Highly maintainable and testable Loosely coupled Independently deployable Organized around business capabilities Owned by a small team The microservice architecture enables the rapid, frequent and reliable delivery of large, complex applications. It also enables an organization to evolve its technology stack. You are developing a server-side enterprise application. It must support a variety of different clients including desktop browsers, mobile browsers and native mobile applications. The application might also expose an API for 3rd parties to consume. It might also integrate with other applications via either web services or a message broker. The application handles requests (HTTP requests and messages) by executing business logic; accessing a database; exchanging messages with other systems; and returni...
Post a Comment
Read more

GraphQL

What is GraphQL  API Standard invented & open-sourced by Facebook Alternative to  REST API  enables declarative data fetching  exposes single endpoint & responds to queries How it works?  Why Graphql? Improvises performance by reducing the data that is to be transferred over the internet Variety of different frontend frameworks and platforms on client-side Fast development speed & expectation for rapid feature development Why Graphql is better than REST? Flexibility & efficient  No more over /under fetching of data Over fetching : Under fetching: Insightful analytics  Schema serves as contract between client and server CORE CONCEPTS : SDL :SCHEMA DEFINITION LANGUAGE Writing Data with mutations 3 kinds of mutations creating new data updating existing data deleting existing data
Post a Comment
Read more

Jackson

<dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId> jackson-core </artifactId> <version>2.9.6</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId> jackson-annotations </artifactId> <version>2.9.6</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId> jackson-databind </artifactId> <version>2.9.6</version> </dependency> CBOR encoded data with Jackson <dependency> <groupId>com.fasterxml.jackson.dataformat</groupId> <artifactId>jackson-dataformat-cbor</artifactId> <version>2.9.6</version> </dependency> In order to read and write MessagePack encoded data <dependency> <groupId>org.msgpack</groupId> <artifactId>jackson-dataformat-msgp...
Post a Comment
Read more