S E C U R I T Y  


The users.properties file uses a "username=password" format with each user entry on a 


separate line as show here: 


username1=password1 


username2=password2 


... 


The roles.properties file uses as "username=role1,role2,..." format with an optional group 


name value. For example: 


username1=role1,role2,... 


username1.RoleGroup1=role3,role4,... 


username2=role1,role3,... 


The supported login module configuration options include the following: 


    


unauthenticatedIdentity=name, Defines the principal name that should be 


assigned to requests that contain no authentication information. This can be used to 


allow unprotected servlets to invoke methods on EJBs that do not require a specific 


role. Such a principal has no associated roles and so can only access either unsecured 


EJBs or EJB methods that are associated with the unchecked permission constraint. 


    


password stacking=useFirstPass, When password stacking option is set, this 


module first looks for a shared username and password under the property names 


"javax.security.auth.login.name" and "javax.security.auth.login.password" 


respectively in the login module shared state Map. If found these are used as the 


principal name and password. If not found the principal name and password are set 


by this login module and stored under the property names 


"javax.security.auth.login.name" and "javax.security.auth.login.password" 


respectively. 


    


hashAlgorithm=string: The name of the java.security.MessageDigest algorithm to 


use to hash the password. There is no default so this option must be specified to 


enable hashing. When hashAlgorithm is specified, the clear text password obtained 


from the CallbackHandler is hashed before it is passed to 


UsernamePasswordLoginModule.validatePassword as the inputPassword argument. 


The expectedPassword as stored in the users.properties file must be comparably 


hashed. 


    


hashEncoding=base64|hex: The string format for the hashed pass and must be 


either "base64" or "hex". Base64 is the default. 


    


hashCharset=string: The encoding used to convert the clear text password to a byte 


array. The platform default encoding is the default. 


66








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

     best web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved