S E C U R I T Y
respectively in the login module shared state Map. If found, these are used as the
principal name and password. If not found, the principal name and password are set
by this login module and stored under the property names
"javax.security.auth.login.name" and "javax.security.auth.login.password"
respectively.
hashAlgorithm=string: The name of the java.security.MessageDigest algorithm to
use to hash the password. There is no default so this option must be specified to
enable hashing. When hashAlgorithm is specified, the clear text password obtained
from the CallbackHandler is hashed before it is passed to
UsernamePasswordLoginModule.validatePassword as the inputPassword argument.
The expectedPassword as stored in the LDAP server must be comparably hashed.
hashEncoding=base64|hex: The string format for the hashed password, which must be
either "base64" or "hex". Base64 is the default.
hashCharset=string: The encoding used to convert the clear text password to a byte
array. The platform default encoding is the default.
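How the three hash options change the string that has to match the value stored in LDAP, as an added example (not JBoss code and not part of the original page). The class name, the sample password, the choice of SHA-256 and the lowercase hex output are assumptions.

```java
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

/** Added illustration of the hash options; not the JBoss implementation. */
public class LdapHashOptionsDemo {

    /** Hashes a clear text password as hashAlgorithm, hashEncoding and hashCharset describe. */
    static String hash(String password, String hashAlgorithm, String hashEncoding,
                       String hashCharset) throws NoSuchAlgorithmException {
        // hashCharset: how the clear text becomes bytes; platform default when unset
        Charset cs = (hashCharset == null) ? Charset.defaultCharset()
                                           : Charset.forName(hashCharset);
        byte[] digest = MessageDigest.getInstance(hashAlgorithm).digest(password.getBytes(cs));
        // hashEncoding: base64 is the default, hex is the alternative
        if (hashEncoding == null || hashEncoding.equalsIgnoreCase("base64")) {
            return Base64.getEncoder().encodeToString(digest);
        }
        if (hashEncoding.equalsIgnoreCase("hex")) {
            StringBuilder sb = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                sb.append(String.format("%02x", b)); // lowercase hex (assumption)
            }
            return sb.toString();
        }
        throw new IllegalArgumentException("hashEncoding must be base64 or hex: " + hashEncoding);
    }

    public static void main(String[] args) throws Exception {
        String password = "p\u00e4ssword"; // constructed sample with one non-ASCII character
        // Value provisioned in the LDAP entry (constructed for this example)
        String stored = hash(password, "SHA-256", "base64", "UTF-8");
        // Same options on the login module side: the strings are equal
        System.out.println("UTF-8 / base64 matches: "
                + stored.equals(hash(password, "SHA-256", "base64", "UTF-8")));
        // A different charset or encoding yields a different string, so validation fails
        System.out.println("ISO-8859-1 matches:     "
                + stored.equals(hash(password, "SHA-256", "base64", "ISO-8859-1")));
        System.out.println("hex matches:            "
                + stored.equals(hash(password, "SHA-256", "hex", "UTF-8")));
    }
}
```

Because the default for hashCharset is the platform encoding, setting it explicitly keeps the computed hash stable when the server moves to a host with a different default.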
The authentication of a user is performed by connecting to the LDAP server based on the
login module configuration options. Connecting to the LDAP server is done by creating an
InitialLdapContext with an environment composed of the LDAP JNDI properties described
previously in this section. The Context.SECURITY_PRINCIPAL is set to the distinguished
name of the user as obtained by the callback handler in combination with the
principalDNPrefix and principalDNSuffix option values, and the
Context.SECURITY_CREDENTIALS property is either set to the String password or the
Object credential depending on the useObjectCredential option.
Once authentication has succeeded by virtue of being able to create an InitialLdapContext
instance, the user's roles are queried by performing a search on the rolesCtxDN location
with search attributes set to the roleAttributeName and uidAttributeName option values.
The role names are obtained by invoking the toString method on the role attributes in the
search result set.
A sample login configuration entry is:
flag = "required">
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
name="java.naming.provider.url">ldap://ldaphost.jboss.org:1389/
simple