Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Tomcat Users »

Tomcat and independent JAAS configuration

Dan Tarkenton

2003-08-13


Hi all. I am in desparate need of clarification here. My questions revolve heavily around JAAS configuration itself, as well as Tomcat configuration to utilize JAAS (not the Realm stuff). I want to make JAAS work with Tomcat, yet not be tied to Tomcat in the future (i.e. I want my app portable across several application servers.)

Note: I am using jdk1.4.1 and tomcat 4.1.18.

I'll start with what I think I know. In order for an application to utilize JAAS, it needs to know the location of the jaas.policy and jaas.config files. These are the "java.security.auth.policy" and "java.security.auth.login.config" properties, respectively. Typically one would set these file locations from the command line when launching a JVM. So I figured the best thing to do would be to edit the <tomcat_home>/bin/catalina.bat file. In this file, I set the JAVA_OPTS like this:

set JAVA_OPTS=-Djava.security.auth.login.config==/DevelopmentStaging/apps/neadg/conf/security/jaas.config -Djava.security.auth.policy==/DevelopmentStaging/apps/neadg/conf/security/jaas.policy

Tomcat starts up fine with these options. Heck, the authentication part seems to be working fine. The authorization part of JAAS is what I am having trouble with -- rather I can't seem to protect any resources. Do I need to install a security manager via the "java.security.manager" property to get JAAS authorization to function?

I'll go ahead and show the contents of my jaas.config & jaas.policy files below:

##### BEGIN jaas.config #############

NEADG_Login_Module {

neadg.security.RdbmsLoginModule required debug="true" url="jdbc:mysql://localhost/jaasdb?user=foo&password=bar" driver="com.mysql.jdbc.Driver";

};

###### END jaas.config ################

and

###### BEGIN jaas.policy ##############

/* Testing AuthorPrincipal */
grant codebase "file:/DevelopmentStaging/j2ee/jakarta-tomcat-4.1.18/webapps/idg/WEB-INF/lib/idg.jar",
Principal neadg.security.AuthorPrincipal "author" {

  permission javax.security.auth.AuthPermission "doAsPrivileged";

permission java.io.FilePermission "/DevelopmentStaging/testing/foo.txt", "read";

permission java.io.FilePermission "/DevelopmentStaging/testing/foo.txt", "write";
};

###### END jaas.policy file #############

Ok, so those are the contents of my JAAS congifuration and policy. The first file tells my application to look for neadg.security.RdbmsLoginModule under the logical name of "NEADG_Login_Module". The 2nd file, the policy file, tells my application that the Principal "author" can execute permissions that follows. This is correct, right?

Well, I have a class (a Struts Action) that implements the authentication and authorization like so (you can think of this as kind of a 'main' method):

<snippet>

PassiveCallbackHandler cbh = new PassiveCallbackHandler(user, pass);

LoginContext lc = new LoginContext("NEADG_Login_Module", cbh);
lc.login();
Subject subject = lc.getSubject();                
subject.doAsPrivileged(subject, new WriteFileAction(), null );
request.getSession().setAttribute("subject", subject);
   
</snippet>

Here is my WriteFileAction class:

##### Begin WriteFileAction ####################

package neadg.security;

import java.io.*;
import java.security.PrivilegedAction;
/**
*
* @author tarkentond
*/
public class WriteFileAction implements PrivilegedAction {
 
  /** Creates a new instance of WriteFileAction */
  public WriteFileAction() {
  }
 
  /** Performs the computation. This method will be called by
  * <code>AccessController.doPrivileged</code> after enabling privileges.
  *
  * @return a class-dependent value that may represent the results of the
  *      computation. Each class that implements
  *      <code>PrivilegedAction</code>
  *      should document what (if anything) this value represents.
  * @see AccessController#doPrivileged(PrivilegedAction)
  * @see AccessController#doPrivileged(PrivilegedAction,
  *                         AccessControlContext)
  *
  */
  public Object run() {
   
    try {
       File file = new File("/DevelopmentStaging/testing/foo.txt");
       FileWriter fileWriter = new FileWriter(file);
       fileWriter.write("Welcome to SpyClub!");
       fileWriter.close();
     
    } catch (IOException ioe) {
       ioe.printStackTrace();
    }
   
    return null;
  }
 
}

##### End WriteFileAction ####################

And lastly (I know this is long), My RdbmsLoginModule class associates Principals with a Subject like this:

<snippet>

this.tempPrincipals.add(new AuthorPrincipal("author"));
       this.tempPrincipals.add(new ReviewerPrincipal("reviewer"));
       subject.getPrincipals().addAll(tempPrincipals);

</snippet>

So I was thinking it was very important to have the "this.tempPrincipals.add(new AuthorPrincipal("author"));" line in there. Whenever, I comment this out, I can STILL write foo.txt. This was the very resource I was trying to protect.

Does anyone have any thoughts? Thanks very much in advance for your help.




---------------------------------
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
©2008 junlu.com - Jax Systems, LLC, U.S.A.