Code Comments

Programming Forum and web based access to our favorite programming groups.
For Programmers: Free Programming Magazines | New: Database administration forum
Registration is free! Edit your profileCalendarFind other membersFrequently Asked QuestionsSearch -> 
Code Comments > Java Forum > Java Security >

Integrating java security API with host OS


Post New Thread











Thread
Author
Integrating java security API with host OS
Hi all

I'd like to check if some user can access some file.
This is code snippet (exception handling ommited):
public static void main(String[] args) {

Subject s = new Subject();

// AD is configured kerberos login context

LoginContext lc = new LoginContext("AD",s,new TextCallbackHandler());

lc.login();

File f = new File("C:\\bin");

System.out.println("I  " + (f.canRead() ?"can":"can not" ) + "read" );

Subject.doAsPrivileged(s, new PrivilegedAction() {

public Object run() {

File f = new File("C:\\bin");

System.out.println("You " + f.canRead());

return null;

}

},null);

}

I managed to logon onto Active Directory OK, but both File.canRead() fails
when snippet is ran with java -Djava.security.manager and pass when ran
without -D....,
regardless of login success.

Any ideas?

---

Boris

Report this thread to moderator Post Follow-up to this message
Old Post
Boris Bralo
03-20-04 01:54 AM

Re: Integrating java security API with host OS
Hi all,
I've done some research since initial posting and discovered
that I'm on my own and I'll have to wrap native API.

I think that's shame, beacuse java security infrastructure has
very good and complete authentication.  For authorization,
you're left with policy file.

Is there a JCP for this ?

I don't belive that this isn't scratching the itch since, during my
research, I've see all kinds of wierd solutions for this problem. For
example, BEA uses System.exec() to spawn  little utility executable named
wlauth to check permission on host OS. I'm trying to build an app for very
high traffic site, and I'll be so fired if I suggest something like that
:-).

---

Boris

> Hi all
>
> I'd like to check if some user can access some file.
> This is code snippet (exception handling ommited):
> public static void main(String[] args) {
>
>     Subject s = new Subject();
>
>     // AD is configured kerberos login context
>
>      LoginContext lc = new LoginContext("AD",s,new TextCallbackHandler());
>
>      lc.login();
>
>      File f = new File("C:\\bin");
>
>      System.out.println("I  " + (f.canRead() ?"can":"can not" ) +
"read" );
>
>     Subject.doAsPrivileged(s, new PrivilegedAction() {
>
>         public Object run() {
>
>                 File f = new File("C:\\bin");
>
>                 System.out.println("You " + f.canRead());
>
>                 return null;
>
>     }
>
>     },null);
>
> }
>
> I managed to logon onto Active Directory OK, but both File.canRead() fails
> when snippet is ran with java -Djava.security.manager and pass when ran
> without -D....,
> regardless of login success.
>
> Any ideas?
>
> ---
>
> Boris
>
>

Report this thread to moderator Post Follow-up to this message
Old Post
Boris Bralo
03-20-04 01:54 AM

Sponsored Links



Last Thread Next Thread Next
Search this forum -> 
Post New Thread

Java Security archive

Show a Printable Version Send to friend Email This Page to Someone! subscribe to this thread Receive updates to this thread
Computer Consultants
Programming Jobs
Visual Basic Controls
SQL Server Programming
Webservices
Java Security
Visual Studio
C# Programming
Visual J++
Software engineering
Open source Software
Perl Programming
PHP Programming
ASP Programming
ASP .NET Programming
Visual Basic Programming
Windows Scripting Host
Java Programming
Java Help
Java Beans
VBScript
Cobol
MAC Applications
Unix Programming
Forum Jump:
All times are GMT. The time now is 01:38 PM.

 
Free MCSE Braindumps | Real Estate Topics
Programming forum archive

Copyrights CodeComments.com 2004 - 2006

Powered by vBulletin Copyright 2000-2006 Jelsoft Enterprises Limited.