Home > Archive > Java Security > April 2004 > JAAS and UNIX
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
|
| Hi,
has anyone managed to login into a UNIX system as another principal than
the user that runs the application using JAAS?
The JNDI-Module returns the corect subject, but when I do a
Subject.doAs(subject, action)
the user that runs the action remains the user who has started the
application. E.g. reading a file that is only readable by the
suthenticated user results in a
java.io.FileNotFoundException
instead of a
java.security.AccessControlException
and the "java.home" property still points to the home directory of the
application runner.
Does the runner of the application have to be root?
Am I missing something?
Regards
JK.
| |
| Oscar kind 2004-03-19, 8:54 pm |
| JK <nobody@nowhere.org> wrote:
> Okay, it seems I got it all wrong:
>
> You can't really do something "on behalf of another user" with JAAS.
> Even though you call Subject.doAs with an authenticated Subject, the
> code is still executed in the system environment of the application's owner.
Of course: Java security is separate from OS security.
The OS won't allow a program to execute (code) as a different user, unless
it executes as a superuser, or it authenticates itself using the operating
system.
JAAS is used to authenticate a user to your Java code. It does not
authenticate a program to the OS.
> Given that and the fact that the applications policy must be a subset of
> the user specific jaas policy makes JAAS quite a weak tool for
> authorisation.
It doesn't. JAAS just isn't suited for every kind of authorization. There
is a difference between the user running the program (determining the
rights a program has), and the user using a program. This distinction is
nescessary to create servers.
Oscar
--
Oscar Kind http://home.hccnet.nl/okind/
Java/J2EE Developer email available on website
| |
| Boris Bralo 2004-03-19, 8:54 pm |
| Hi
owner.[color=darkred]
>
> Of course: Java security is separate from OS security.
>
> The OS won't allow a program to execute (code) as a different user, unless
> it executes as a superuser, or it authenticates itself using the operating
> system.
>
> JAAS is used to authenticate a user to your Java code. It does not
> authenticate a program to the OS.
>
>
>
> It doesn't. JAAS just isn't suited for every kind of authorization. There
> is a difference between the user running the program (determining the
> rights a program has), and the user using a program. This distinction is
> nescessary to create servers.
>
It depends what kind of servers you want. JAAS is adequate for most often
used scenario
when you have "internet" users not known to host OS. The problem which JK
(and I) need to
solve is authorization for known users. (like ftp, telnet and many other
servers on UNIX do).
On UNIX, it is solved with fork()/setuid() and there's no natural equivalent
in java for that.
That makes java more secure, but cuts us of the possibly rich OS
authorization framework.
For example one have to use sql database (or XML files/database as in XACL)
to keep authorization
data even when it is natural to use OS users' database.
---
Boris
| |
| jhegedus 2004-04-08, 11:59 am |
| JK have you managed to solve your problem and authenticate the user in
Unix. Boris, do you have any ideas on how to do this? I'm attempting to
do the same thing without any luck.
|
|
|
|
|