
Using Programmatic Login



Applications implement the CallbackHandler interface and pass it to the login context, which
forwards it directly to the underlying login modules. A login module uses the callback handler
both to gather input (such as a password or smart card PIN) from users and to supply
information (such as status information) to users. Because the application specifies the callback
handler, an underlying login module can remain independent of the various ways that
applications interact with users.
For example, the implementation of a callback handler for a GUI application might display a
window to solicit user input. Or the implementation of a callback handler for a command-line
tool might simply prompt the user for input directly from the command line.
The login module passes an array of appropriate callbacks to the callback handler's handle
method (for example, a NameCallback for the user name and a PasswordCallback for the
password); the callback handler performs the requested user interaction and sets appropriate
values in the callbacks. For example, to process a NameCallback, the CallbackHandler might
prompt for a name, retrieve the value from the user, and call the setName method of the
NameCallback to store the name.
For more information on using JAAS for login modules for authentication, refer to the
following sources:
Java Authentication and Authorization Service (JAAS) in Java Platform, Standard Edition
Java Authentication and Authorization Service (JAAS) Reference Guide
Java Authentication and Authorization Service (JAAS): LoginModule Developer's Guide
Links to this information are provided in "Further Information about Security" on page 795.
Using Programmatic Login
Programmatic login enables the client code to supply user credentials. If you are using an EJB
client, you can use the com.sun.appserv.security.ProgrammaticLogin class with its
convenient login and logout methods.
Because programmatic login is specific to a server, information on programmatic login is not
included in this document, but is included in the Sun Java System Application Server 9.1
Developer's Guide.
Chapter 29 · Securing Java EE Applications