Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Developing with JAAS Presented by Maciej Zawadzki

Slides:

Advertisements

Similar presentations

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu

Advertisements

Operating System Security

METALOGIC s o f t w a r e © Metalogic Software Corporation DACS Developer Overview DACS – the Distributed Access Control System.

Java Card Technology Ch07: Applet Instructors: Fu-Chiung Cheng ( 鄭福炯 ) Associate Professor Computer Science & Engineering Computer Science & Engineering.

1 InTroToJCL Introduction to Java Class Loaders. 2 class loader l ia an object responsible for loading classes. The class ClassLoader is an abstract class.

Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & ) Java Security on the Browser Java Security in the Enterprise.

Understanding WebLogic Security

DESIGNING A PUBLIC KEY INFRASTRUCTURE

National Center for Supercomputing Applications Integrating MyProxy with Site Authentication Jim Basney Senior Research Scientist National Center for Supercomputing.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.

Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.

Lesson 18: Configuring Application Restriction Policies

Delivering Excellence in Software Engineering ® EPAM Systems. All rights reserved. ASP.NET Authentication.

1 ASP.NET SECURITY Presenter: Van Nguyen. 2 Introduction Security is an integral part of any Web-based application. Understanding ASP.NET security will.

Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd

Java Authentication and Authorization Service (JAAS)

Blackboard Building Blocks Framework and Security Monday, September 14, 2015 Tracy Engwirda, Senior Consultant – Asia Pacific.

© Blackboard, Inc. All rights reserved. Security and Authentication Security and Authentication Tracy Engwirda Principal Consultant Blackboard Inc. July.

Security in Java Sunesh Kumra S

Java Security Shmuel Babad CEO MidLink Computing LTD

Jean T. Anderson Apache Derby Security Jean T. Anderson

Copyright © 2007, Oracle. All rights reserved. Managing Concurrent Requests.

JAAS Qingyang Liu and Lingbo Wang CSCI Web Security April 2, 2003.

© Blackboard, Inc. All rights reserved. Security and Authentication with Blackboard Building Blocks™ David Ashman Senior Software Architect, Product Development.

© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Securing a Microsoft ASP.NET Web Application.

Java Security Pingping Ma Nov 2 nd, Overview Platform Security Cryptography Authentication and Access Control Public Key Infrastructure (PKI)

ArcGIS Server and Portal for ArcGIS An Introduction to Security

Announcements Assignment 3 due. Invite friends, co-workers to your presentations. Course evaluations on Friday.

CIS 290 Linux Security Program Authentication Module and Security Enhanced LINUX.

Module 9 Authenticating and Authorizing Users. Module Overview Authenticating Connections to SQL Server Authorizing Logins to Access Databases Authorization.

Unit 1: Protection and Security for Grid Computing Part 2

JAVA AUTHENTICATION AND AUTHORIZATION SERVICE (JAAS)

Secure Credential Manager Claes Nilsson - Sony Ericsson

Java Security Nathan Moore CS 665. Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model.

TWSd - Security Workshop Part I of III T302 Tuesday, 4/20/2010 TWS Distributed & Mainframe User Education April 18-21, 2010  Carefree Resort  Carefree,

Java 2 security model Valentina Casola. Components of Java the development environment –development lifecycle –Java language features –class files and.

JAVA SECURITY BASIC NETWORKING MULTITHREATING Deniz HASTORUN

SECURITY ISSUES. Introduction The.NET Framework includes a comprehensive set of security tools –Low-level classes and an overall framework –Managing code.

Module 11: Securing a Microsoft ASP.NET Web Application.

Android Security Model that Provide a Base Operating System Presented: Hayder Abdulhameed.

A Secure JBoss Platform Nicola Mezzetti Acknowledgments: F. Panzieri.

Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.

Getting Started with OPC.NET OPC.NET Software Client Interface Client Base Server Base OPC Wrapper OPC COM Server Server Interface WCF Alternate.

Permissions Lesson 13. Skills Matrix Security Modes Maintaining data integrity involves creating users, controlling their access and limiting their ability.

 Registry itself is easy and straightforward in implementation  The objects of registry are actually complicated to store and manage  Objects of Registry.

Jaas Introduction. Outline l General overview of Java security Java 2 security model How is security maintained by Java and JVM? How can a programmer.

©2004 BLACKBOARD, INC. ALL RIGHTS RESERVED. Security and Authentication Security and Authentication Thursday, December 17, 2015.

Java Security Session 19. Java Security / 2 of 23 Objectives Discuss Java cryptography Explain the Java Security Model Discuss each of the components.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Creating and Managing Digital Certificates Chapter Eleven.

February, TRANSCEND SHIRO-CAS INTEGRATION ANALYSIS.

15 Copyright © 2004, Oracle. All rights reserved. Adding JAAS Security to the Client.

8 Copyright © 2004, Oracle. All rights reserved. Making the Model Secure.

IBM Express Runtime Quick Start Workshop © 2007 IBM Corporation Deploying a Solution.

4P13 Week 5 Talking Points 1. Security Provided by BSD a self-protecting Trusted Computing Base (TCB) spanning kernel and userspace; kernel isolation.

LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►

Enterprise Java v040918JBoss Security Setup1 Setting up Security in JBoss References: “Getting Started with JBoss, J2EE applications on the JBoss 3.2.x.

Business Objects XIr2 Windows NT Authentication Single Sign-on 18 August 2006.

19 Copyright © 2008, Oracle. All rights reserved. Security.

Chapter 14: System Protection

Limiting Access to System Properties

Topic: Java Security Models

Building Systems That Flexibly Control Downloaded Executable Content

Web Applications and JAAS

(Authentication / Authorization)

Access Control What’s New?

Plug-In Architecture Pattern

Presentation transcript:

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Developing with JAAS Presented by Maciej Zawadzki

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. What is JAAS Java Authentication and Authorization Service Introduced as an optional package in J2SE 1.3 Integrated into J2SE 1.4 Implements a Java Pluggable Authentication Module (PAM) framework Access decisions are based on CodeSource and the user running the code

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Goals JAAS is an extensive and complicated library. The goals for this presentation are: –To give an overview JAAS and its constituent parts and illustrate how they all work together –Provide enough information that you will be able to decide when it is appropriate to use JAAS –Provide an introduction on how to use JAAS; code examples to help you get started

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Outline Introduction –What is JAAS –Authentication vs. Authorization –Subject –Principal Authentication Authorization

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Authentication vs. Authorization Authentication is the process of verifying the users’ identity. Typically this entails obtaining a user name and a password or some other credential from the user. Authorization is the process of verifying whether a user has access to protected resources.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Overview of the Subject The Subject is a container for associated Principals, Public Credentials (public keys), and Private Credentials (passwords, private keys).

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Subject

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Principal A Principal identifies a Subject. The Subject can a person, a corporation, and application, etc. A single Subject may have many Principals that serve to identify the entity. For example, a user can have a user name principal, an employee id principal, social security number principal, etc.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Obtaining a Specific Principal from a Subject Applications (and app. servers) typically adopt a convention stating that the Set of Principals on a Subject can only contain one instance of a particular Principal class.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Outline Introduction Authentication Authorization

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Pluggable Authentication Modules An application using JAAS for authentication can remain independent of the underlying authentication technology.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. LoginConfiguration File The default implementation parses a configuration file in the above format Configuration file specified via java.security.auth.login.config System parameter

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. LoginConfiguration Control Flags Required – The LoginModule is required to succeed. Regardless of success, authentication proceeds to next LoginModule Requisite – Is required to succeed. If succeeds, authentication proceeds. If fails, control returned. Sufficient – Not required to succeed. If suceeds, control returned. If fails, authentication proceeds. Optional – Not required to succeed. Regardless of success, authentication proceeds. Overall authentication succeeds if all Required and Requisite modules before a Sufficient module succeed. If not Required or Requisite modules are configured, then at least one Sufficient or Optional module must succeed.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Authentication Overview 1.The application creates a LoginContext and calls login() 2.The LoginContext refers to the LoginConfiguration to set up the appropriate LoginModules 3.The LoginContext delegates the authentication to the LoginModules 4.The LoginModules use the CallbackHandler to communicate with the application

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Login Example

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Login Example Once the login succeeds we can get the principal from the LoginContext and get the authenticated Principals from the Subject.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Creating a LoginContext The name parameter is used to retrieve the appropriate login Configuration If a login Configuration with the specified name is not found, a default entry with the name “ other ” is used. If there is no Configuration with the name “ other ”, a LoginException is thrown

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Creating a LoginContext The constructors without a CallbackHandler either: –Rely on the default CallbackHandler specified in the java.security file under property named auth.login.defaultCallbackHandler –Do not use a CallbackHandler and rely on the LoginModule s to have another means of obtaining the information Callers of a LoginContext constructor require an AuthPermission with target “ createLoginContext. ”

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Logging In Authentication occurs with a call to the login() method The login() method invokes all the configured LoginModules to perform authentication When authentication succeeds, the Subject can be retrieved using the getSubject() method The logout() method logs out the Subject and removes its authenticated Principal s NTLoginModule – Authenticates against Windows Security Domain

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. LoginModule Two-phase authentication: –login() is 1 st phase method –commit() and abort() are 2 nd phase methods

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. LoginModules in J2SE 1.4 JndiLoginModule – Authenticates against an LDAP tree Krb5LoginModule – Authenticates against a Kerberos domain UnixLoginModule – Authenticates against Unix security

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Custom LoginModule Example

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Callbacks javax.security.auth.callback.Callback Marker interface used to indicate a callback. Callbacks provide a means for the underlying authentication implementation to communicate with the application and obtains security data such as user name and password as well as provide information such as error and warning messages. Included callbacks: –NameCallback –PasswordCallback –TextOutputCallback –TextInputCallback –ChoiceCallback –ConfirmationCallback –LanguageCallback

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. CallbackHandler

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Custom CallbackHandler Example

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Custom LoginConfiguration javax.security.auth.login.Configuration is an abstract Class used to specify which LoginModule s should be used to Authenticate a user for a particular application

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Custom LoginConfiguration You can configure the security system to use your own Configuration implementation by specifying the login.configuration.provider property in the /lib/security/java.security file.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Outline Introduction Authentication Authorization

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. CodeSource Based Authorization Before the integration of JAAS with Java security, authorization decisions were strictly based on the CodeSource A Trusted Library may be given access to sensitive resources while an Applet or another Library may have that access restricted.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. CodeSource and Principal Based Authorization With the integration of JAAS and J2SE Security, authorization decisions can be made based on the CodeSource and the Principal. A Library may not have access privileges to resources when running without a User context or when being executed by User Bart, but when User Andy executes the Library those permissions may be granted.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. CodeSource & ProtectionDomain The CodeSource of a piece of Java code is the URL location that the code was loaded from and the Certificates that we used to sign the code The ProtectionDomain is a holder for the CodeSource and a Principal Each class is assigned a ProtectionDomain upon being loaded. The Principal is null when the class is first loaded.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. AccessControlContext – a Context for Authorization Decisions When making access decisions, the security system looks at every ProtectionDomain involved in the call. Access is granted only if every ProtectionDomain in the Context can have access. A less privileged PD can not gain privilege by calling a more privileged PD. And a more privileged PD must lose privilege when calling a less privileged PD. This is the principle of least privilege.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Permission Permissions represent access to resources. All Permission object have a name. The meaning of the name parameter is implementation dependent. Typically the name identifies the resource to be accessed.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Permission The implies() method is implementation dependent. A permission p1 implies permission p2 if the grant of p1 is also meant to grant p2. Additional parameter called actions can be used to identify the type of access to the resource allowed. New Permissions are subclassed from Permission or from one of its existing subclasses such as java.security.BasicPermission. A special permission exists to indicate unrestricted access to all resource: java.security.AllPermission

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Policy The mapping between PDs and associated Permissions is stored by the Policy. Policy is a singleton.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Policy The default implementation of Policy accepts text based configuration in the above format Each grant entry is composed of an optional CodeSource, Signers, Principals, and a list of Permissions Default security policy is /lib/security/java.policy Can provide supplemental policy file location via –-Djava.security.policy= JVM parameter Can override the default policy file with: –-Djava.security.policy== JVM parameter

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. AccessController Your code would verify that the current context has a permission by creating a new instance of the permission in question and calling AccessController.checkPermission(p) ;

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. AccessController The AccessController embodies the access control algorithm. It obtains the current AccessControlContext, which has an array of PDs and then for each PD checks whether the PD has the requested permission.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. AccessController

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. PrivilegedAction When a trusted library invokes a PrivilegedAction, the permissions of PDs in the call stack prior to the PrivilegedAction do not get checked.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. PrivilegedAction Invoking a privileged action is done via a static method on the AccessController. PrivilegedExceptionAction can throw an Exception. Methods invoking a PrivilegedAction should not return references to resources.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Associating a Subject with an Access Control Context To associate a Subject with the current execution context, one of the Subject.doAs(…) methods must be used.

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Custom Policy You can substitute your own Policy implementation for the default one in one of two ways: –At runtime by calling Policy.setPolicy() –By changing the value of policy.provider property in /lib/security/java.security The specified class name must point to a subclass of Policy, and The specified class must be in the boot classpath Example included (you must change the java.security property on your JRE)

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Downloads All source code is included on your CDs You can check for updates

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Evaluations Please fill out your speaker evaluations and drop them off at the registration desk Please fill out the comments: –What was the best part of the presentation –What part put you most to sleep

Copyright  2002 Urbancode Software Development, Inc. All Rights Reserved. Thank you! Maciej Zawadzki