JAAS登录认证
一 什么是JAAS
“Java 認證和授權服務”(Java Authentication and Authorization Service,JAAS)是對 Java 2 SDK 的擴展。
JAAS 可分Authentication和Authorization 。
1) Authentication:認證用戶身份。看哪個用戶在執行代碼。通俗的來說就是哪個用戶在執行操作。這個操作可能在某個application或bean或servlet上.
2) Authorization : 授權用戶操作。也就是驗證用戶是否對指定資源有特定訪問權限。好比某一用戶是否有對指定文件的讀取權限。
二 常用接口
CallbackHandler:用于獲取用戶信息,以便驗證用戶身份。
LoginModule:用于驗證用戶信息。
JAAS 認證其實只是這兩個對象的組合應用:LoginModule 通過配置文件指定,CallbackHandler 通過參數傳入。
回調的意思是:你調用我時把你自己傳給我,我再用傳入的你來調用你。
三 簡單Demo
MyCallbackHandler.java
package authentication;
import java.io.BufferedReader;
import java.io.IOException;
4.import java.io.InputStreamReader;
5.import javax.security.auth.callback.Callback;
6.import javax.security.auth.callback.CallbackHandler;
7.import javax.security.auth.callback.NameCallback;
8.import javax.security.auth.callback.PasswordCallback;
9.import javax.security.auth.callback.UnsupportedCallbackException;
10.
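/**
 * Console-based {@link CallbackHandler} for the JAAS demo: answers
 * {@link NameCallback} and {@link PasswordCallback} by printing the callback's
 * prompt to {@code System.err} and reading one line from standard input.
 *
 * <p>NOTE(review): the password is read through {@code System.in}, so a terminal
 * echoes it while it is typed, and the line lives on as an immutable
 * {@code String} until it is garbage-collected. An interactive program should
 * prefer {@code java.io.Console#readPassword()}.
 */
public class MyCallbackHandler implements CallbackHandler {

    /**
     * Single reader shared by every prompt. Wrapping {@code System.in} in a new
     * BufferedReader per prompt lets the first reader buffer (and then discard)
     * input that belongs to a later prompt, e.g. when stdin is piped.
     */
    private final BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));

    /**
     * Fills in each callback from standard input.
     *
     * @param callbacks the callbacks supplied by the login module
     * @throws IOException if standard input fails or ends before a reply is read
     * @throws UnsupportedCallbackException if a callback is neither a
     *         {@code NameCallback} nor a {@code PasswordCallback}
     */
    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbacks) {
            if (callback instanceof NameCallback) {
                NameCallback nameCallback = (NameCallback) callback;
                nameCallback.setName(promptLine(nameCallback.getPrompt()));
            } else if (callback instanceof PasswordCallback) {
                PasswordCallback passwordCallback = (PasswordCallback) callback;
                char[] secret = promptLine(passwordCallback.getPrompt()).toCharArray();
                try {
                    // PasswordCallback keeps its own copy of the array.
                    passwordCallback.setPassword(secret);
                } finally {
                    // Do not leave our temporary copy of the password behind.
                    java.util.Arrays.fill(secret, '\0');
                }
            } else {
                // Report what cannot be answered instead of silently skipping it.
                throw new UnsupportedCallbackException(callback,
                        "only NameCallback and PasswordCallback are supported");
            }
        }
    }

    /**
     * Prints {@code prompt} to {@code System.err} and returns the next input line.
     *
     * @throws IOException if the stream fails or is at end of input
     */
    private String promptLine(String prompt) throws IOException {
        System.err.print(prompt);
        String line = stdin.readLine();
        if (line == null) {
            // readLine() returns null at end of stream; fail here rather than
            // with a NullPointerException further down.
            throw new IOException("standard input ended before a reply to \"" + prompt + "\" was read");
        }
        return line;
    }
}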
SampleLoginModule.java
1.package authentication;
2.import java.util.Map;
3.import javax.security.auth.Subject;
4.import javax.security.auth.callback.Callback;
5.import javax.security.auth.callback.CallbackHandler;
6.import javax.security.auth.callback.NameCallback;
7.import javax.security.auth.callback.PasswordCallback;
8.import javax.security.auth.login.LoginException;
9.import javax.security.auth.spi.LoginModule;
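/**
 * Demo JAAS {@link LoginModule} that asks the configured {@link CallbackHandler}
 * for a user name and password and checks them against fixed demo credentials.
 *
 * <p>NOTE(review): the credentials are hard-coded ("admin"/"admin") and no
 * Principal is ever added to the {@link Subject}, so this class only illustrates
 * the call flow. A real module verifies against a credential store holding
 * salted password hashes and populates the Subject in {@link #commit()}.
 */
public class SampleLoginModule implements LoginModule {

    // initial state
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;

    // configurable option
    private boolean debug = false;

    // username and password
    private String username;
    private char[] password;

    /**
     * Stores the objects handed over by the LoginContext and reads the
     * {@code debug} option from the configuration entry.
     *
     * @param subject the Subject being authenticated
     * @param callbackHandler handler used to obtain the user name and password
     * @param sharedState state shared with other configured login modules
     * @param options options given for this module in the login configuration
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {

        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;

        // initialize any configured options; tolerate a missing map or option
        Object debugOption = (options == null) ? null : options.get("debug");
        debug = debugOption != null && "true".equalsIgnoreCase(debugOption.toString());
    }

    /**
     * Collects a user name and password through the callback handler and
     * verifies them.
     *
     * @return {@code true} when the credentials match
     * @throws LoginException if no handler is available, the handler fails, or
     *         the credentials do not match (a {@code FailedLoginException})
     */
    @Override
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException("no CallbackHandler available to collect the user name and password");
        }

        NameCallback nameCallback = new NameCallback("user name: ");
        PasswordCallback passwordCallback = new PasswordCallback("password: ", false);

        try {
            callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
        } catch (java.io.IOException e) {
            throw loginFailure("could not read the user name and password", e);
        } catch (javax.security.auth.callback.UnsupportedCallbackException e) {
            throw loginFailure("the CallbackHandler does not support " + e.getCallback(), e);
        }

        username = nameCallback.getName();
        password = passwordCallback.getPassword(); // a copy, or null when none was supplied

        try {
            // Compare as char[] so the supplied password is never copied into
            // an immutable String.
            if ("admin".equals(username)
                    && password != null
                    && java.util.Arrays.equals("admin".toCharArray(), password)) {
                return true;
            }
        } finally {
            // Wipe every copy of the password this module can reach.
            passwordCallback.clearPassword();
            if (password != null) {
                java.util.Arrays.fill(password, '\0');
            }
            password = null;
        }

        // Returning false would mean "ignore this module": in a stacked
        // configuration another module could then let the login succeed even
        // though this one saw bad credentials. A failure must be an exception.
        throw new javax.security.auth.login.FailedLoginException("user name or password is incorrect");
    }

    /**
     * Second phase of a successful login; this demo only prints a marker line.
     *
     * @return always {@code true}
     */
    @Override
    public boolean commit() throws LoginException {
        // NOTE(review): nothing is added to the Subject here, so a login that
        // succeeds still yields a Subject without principals.
        System.out.println(" =========== commit ==========");
        return true;
    }

    /**
     * Called when the overall login failed; prints a marker line and drops the
     * state collected by {@link #login()}.
     *
     * @return always {@code true}
     */
    @Override
    public boolean abort() throws LoginException {
        System.out.println(" =========== abort ==========");
        username = null;
        return true;
    }

    /**
     * Logs the user out; prints a marker line and drops the state collected by
     * {@link #login()}.
     *
     * @return always {@code true}
     */
    @Override
    public boolean logout() throws LoginException {
        System.out.println(" =========== logout ==========");
        username = null;
        return true;
    }

    /** Builds a LoginException that keeps {@code cause} for diagnosis. */
    private static LoginException loginFailure(String message, Throwable cause) {
        LoginException failure = new LoginException(message);
        failure.initCause(cause);
        return failure;
    }
}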
SampleAcn.java
1.package authentication;
2.import javax.security.auth.login.LoginContext;
/**
 * Entry point of the JAAS demo: runs one authentication attempt against the
 * login configuration entry named "sample".
 */
public class SampleAcn {

    /**
     * Builds a LoginContext for the "sample" entry, using a MyCallbackHandler
     * to collect the credentials, and performs the login.
     *
     * @param args unused
     * @throws Exception whatever LoginContext construction or login() throws,
     *         including the LoginException raised when authentication fails
     */
    public static void main(String[] args) throws Exception {
        MyCallbackHandler promptHandler = new MyCallbackHandler();
        LoginContext loginContext = new LoginContext("sample", promptHandler);

        loginContext.login();
    }
}
sample_jaas.config
1.sample {
2. authentication.SampleLoginModule required debug=true;
3.};
要設置的系統參數 -Djava.security.auth.login.config==src/authentication/sample_jaas.config(此處的雙等號“==”不是筆誤:它表示只使用這個登錄配置文件;寫單等號“=”時,該文件會與 java.security 中已指定的登錄配置一起生效。)
Demo認證執行流程:
1.LoginContext lc = new LoginContext("sample",new MyCallbackHandler());
構造LoginContext
1.lc.login();
執行認證。因為系統參數設置
-Djava.security.auth.login.config==src/authentication/sample_jaas.config
所以認證配置文件是sample_jaas.config。因為構造LoginContext的時候傳入的第一個參數是"sample".
所以在sample_jaas.config中查找名為sample的配置段。即
1.sample {
2. authentication.SampleLoginModule required debug=true;
3.};
authentication.SampleLoginModule為指定的LoginModule實現。required 表示該模塊必須認證成功,整體登錄才算成功。
因為構造LoginContext的時候傳入的第二個參數是new MyCallbackHandler。所以MyCallbackHandler用于獲取用戶認證信息。
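所以:在執行lc.login()時,會調用SampleLoginModule的login方法。而SampleLoginModule會通過MyCallbackHandler獲取用戶的認證信息。如果認證成功則返回true,否則返回false. 注意:按LoginModule接口的約定,login()返回false表示“忽略該模塊”,認證失敗應拋出LoginException(例如FailedLoginException);示例中寫死的admin/admin也只適用于演示。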
“Java 認證和授權服務”(Java Authentication and Authorization Service,JAAS)是對 Java 2 SDK 的擴展。
JAAS 可分Authentication和Authorization 。
1) Authentication:認證用戶身份。看哪個用戶在執行代碼。通俗的來說就是哪個用戶在執行操作。這個操作可能在某個application或bean或servlet上.
2) Authorization : 授權用戶操作。也就是驗證用戶是否對指定資源有特定訪問權限。好比某一用戶是否有對指定文件的讀取權限。
二 常用接口
CallbackHandler:用于獲取用戶信息,以便驗證用戶身份。
LoginModule:用于驗證用戶信息。
JAAS 認證其實只是這兩個對象的組合應用:LoginModule 通過配置文件指定,CallbackHandler 通過參數傳入。
回調的意思是:你調用我時把你自己傳給我,我再用傳入的你來調用你。
三 簡單Demo
MyCallbackHandler.java
package authentication;
import java.io.BufferedReader;
import java.io.IOException;
4.import java.io.InputStreamReader;
5.import javax.security.auth.callback.Callback;
6.import javax.security.auth.callback.CallbackHandler;
7.import javax.security.auth.callback.NameCallback;
8.import javax.security.auth.callback.PasswordCallback;
9.import javax.security.auth.callback.UnsupportedCallbackException;
10.
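/**
 * Console-based {@link CallbackHandler} for the JAAS demo: answers
 * {@link NameCallback} and {@link PasswordCallback} by printing the callback's
 * prompt to {@code System.err} and reading one line from standard input.
 *
 * <p>NOTE(review): the password is read through {@code System.in}, so a terminal
 * echoes it while it is typed, and the line lives on as an immutable
 * {@code String} until it is garbage-collected. An interactive program should
 * prefer {@code java.io.Console#readPassword()}.
 */
public class MyCallbackHandler implements CallbackHandler {

    /**
     * Single reader shared by every prompt. Wrapping {@code System.in} in a new
     * BufferedReader per prompt lets the first reader buffer (and then discard)
     * input that belongs to a later prompt, e.g. when stdin is piped.
     */
    private final BufferedReader stdin = new BufferedReader(new InputStreamReader(System.in));

    /**
     * Fills in each callback from standard input.
     *
     * @param callbacks the callbacks supplied by the login module
     * @throws IOException if standard input fails or ends before a reply is read
     * @throws UnsupportedCallbackException if a callback is neither a
     *         {@code NameCallback} nor a {@code PasswordCallback}
     */
    @Override
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbacks) {
            if (callback instanceof NameCallback) {
                NameCallback nameCallback = (NameCallback) callback;
                nameCallback.setName(promptLine(nameCallback.getPrompt()));
            } else if (callback instanceof PasswordCallback) {
                PasswordCallback passwordCallback = (PasswordCallback) callback;
                char[] secret = promptLine(passwordCallback.getPrompt()).toCharArray();
                try {
                    // PasswordCallback keeps its own copy of the array.
                    passwordCallback.setPassword(secret);
                } finally {
                    // Do not leave our temporary copy of the password behind.
                    java.util.Arrays.fill(secret, '\0');
                }
            } else {
                // Report what cannot be answered instead of silently skipping it.
                throw new UnsupportedCallbackException(callback,
                        "only NameCallback and PasswordCallback are supported");
            }
        }
    }

    /**
     * Prints {@code prompt} to {@code System.err} and returns the next input line.
     *
     * @throws IOException if the stream fails or is at end of input
     */
    private String promptLine(String prompt) throws IOException {
        System.err.print(prompt);
        String line = stdin.readLine();
        if (line == null) {
            // readLine() returns null at end of stream; fail here rather than
            // with a NullPointerException further down.
            throw new IOException("standard input ended before a reply to \"" + prompt + "\" was read");
        }
        return line;
    }
}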
SampleLoginModule.java
1.package authentication;
2.import java.util.Map;
3.import javax.security.auth.Subject;
4.import javax.security.auth.callback.Callback;
5.import javax.security.auth.callback.CallbackHandler;
6.import javax.security.auth.callback.NameCallback;
7.import javax.security.auth.callback.PasswordCallback;
8.import javax.security.auth.login.LoginException;
9.import javax.security.auth.spi.LoginModule;
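/**
 * Demo JAAS {@link LoginModule} that asks the configured {@link CallbackHandler}
 * for a user name and password and checks them against fixed demo credentials.
 *
 * <p>NOTE(review): the credentials are hard-coded ("admin"/"admin") and no
 * Principal is ever added to the {@link Subject}, so this class only illustrates
 * the call flow. A real module verifies against a credential store holding
 * salted password hashes and populates the Subject in {@link #commit()}.
 */
public class SampleLoginModule implements LoginModule {

    // initial state
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> sharedState;
    private Map<String, ?> options;

    // configurable option
    private boolean debug = false;

    // username and password
    private String username;
    private char[] password;

    /**
     * Stores the objects handed over by the LoginContext and reads the
     * {@code debug} option from the configuration entry.
     *
     * @param subject the Subject being authenticated
     * @param callbackHandler handler used to obtain the user name and password
     * @param sharedState state shared with other configured login modules
     * @param options options given for this module in the login configuration
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map<String, ?> sharedState, Map<String, ?> options) {

        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.sharedState = sharedState;
        this.options = options;

        // initialize any configured options; tolerate a missing map or option
        Object debugOption = (options == null) ? null : options.get("debug");
        debug = debugOption != null && "true".equalsIgnoreCase(debugOption.toString());
    }

    /**
     * Collects a user name and password through the callback handler and
     * verifies them.
     *
     * @return {@code true} when the credentials match
     * @throws LoginException if no handler is available, the handler fails, or
     *         the credentials do not match (a {@code FailedLoginException})
     */
    @Override
    public boolean login() throws LoginException {
        if (callbackHandler == null) {
            throw new LoginException("no CallbackHandler available to collect the user name and password");
        }

        NameCallback nameCallback = new NameCallback("user name: ");
        PasswordCallback passwordCallback = new PasswordCallback("password: ", false);

        try {
            callbackHandler.handle(new Callback[] {nameCallback, passwordCallback});
        } catch (java.io.IOException e) {
            throw loginFailure("could not read the user name and password", e);
        } catch (javax.security.auth.callback.UnsupportedCallbackException e) {
            throw loginFailure("the CallbackHandler does not support " + e.getCallback(), e);
        }

        username = nameCallback.getName();
        password = passwordCallback.getPassword(); // a copy, or null when none was supplied

        try {
            // Compare as char[] so the supplied password is never copied into
            // an immutable String.
            if ("admin".equals(username)
                    && password != null
                    && java.util.Arrays.equals("admin".toCharArray(), password)) {
                return true;
            }
        } finally {
            // Wipe every copy of the password this module can reach.
            passwordCallback.clearPassword();
            if (password != null) {
                java.util.Arrays.fill(password, '\0');
            }
            password = null;
        }

        // Returning false would mean "ignore this module": in a stacked
        // configuration another module could then let the login succeed even
        // though this one saw bad credentials. A failure must be an exception.
        throw new javax.security.auth.login.FailedLoginException("user name or password is incorrect");
    }

    /**
     * Second phase of a successful login; this demo only prints a marker line.
     *
     * @return always {@code true}
     */
    @Override
    public boolean commit() throws LoginException {
        // NOTE(review): nothing is added to the Subject here, so a login that
        // succeeds still yields a Subject without principals.
        System.out.println(" =========== commit ==========");
        return true;
    }

    /**
     * Called when the overall login failed; prints a marker line and drops the
     * state collected by {@link #login()}.
     *
     * @return always {@code true}
     */
    @Override
    public boolean abort() throws LoginException {
        System.out.println(" =========== abort ==========");
        username = null;
        return true;
    }

    /**
     * Logs the user out; prints a marker line and drops the state collected by
     * {@link #login()}.
     *
     * @return always {@code true}
     */
    @Override
    public boolean logout() throws LoginException {
        System.out.println(" =========== logout ==========");
        username = null;
        return true;
    }

    /** Builds a LoginException that keeps {@code cause} for diagnosis. */
    private static LoginException loginFailure(String message, Throwable cause) {
        LoginException failure = new LoginException(message);
        failure.initCause(cause);
        return failure;
    }
}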
SampleAcn.java
1.package authentication;
2.import javax.security.auth.login.LoginContext;
/**
 * Entry point of the JAAS demo: runs one authentication attempt against the
 * login configuration entry named "sample".
 */
public class SampleAcn {

    /**
     * Builds a LoginContext for the "sample" entry, using a MyCallbackHandler
     * to collect the credentials, and performs the login.
     *
     * @param args unused
     * @throws Exception whatever LoginContext construction or login() throws,
     *         including the LoginException raised when authentication fails
     */
    public static void main(String[] args) throws Exception {
        MyCallbackHandler promptHandler = new MyCallbackHandler();
        LoginContext loginContext = new LoginContext("sample", promptHandler);

        loginContext.login();
    }
}
sample_jaas.config
1.sample {
2. authentication.SampleLoginModule required debug=true;
3.};
要設置的系統參數 -Djava.security.auth.login.config==src/authentication/sample_jaas.config(此處的雙等號“==”不是筆誤:它表示只使用這個登錄配置文件;寫單等號“=”時,該文件會與 java.security 中已指定的登錄配置一起生效。)
Demo認證執行流程:
1.LoginContext lc = new LoginContext("sample",new MyCallbackHandler());
構造LoginContext
1.lc.login();
執行認證。因為系統參數設置
-Djava.security.auth.login.config==src/authentication/sample_jaas.config
所以認證配置文件是sample_jaas.config。因為構造LoginContext的時候傳入的第一個參數是"sample".
所以在sample_jaas.config中查找名為sample的配置段。即
1.sample {
2. authentication.SampleLoginModule required debug=true;
3.};
authentication.SampleLoginModule為指定的LoginModule實現。required 表示該模塊必須認證成功,整體登錄才算成功。
因為構造LoginContext的時候傳入的第二個參數是new MyCallbackHandler。所以MyCallbackHandler用于獲取用戶認證信息。
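所以:在執行lc.login()時,會調用SampleLoginModule的login方法。而SampleLoginModule會通過MyCallbackHandler獲取用戶的認證信息。如果認證成功則返回true,否則返回false. 注意:按LoginModule接口的約定,login()返回false表示“忽略該模塊”,認證失敗應拋出LoginException(例如FailedLoginException);示例中寫死的admin/admin也只適用于演示。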
總結