Hi!I am attempting to use the JndiLoginModule to authenticate a user against an NIS v.2 server running on Red Hat Linux 7.2. The associated NIS packages on the server are:ypbind-1.8-1ypserv-1.3.12-2yp-tools-2.5-1I can successful connect to the required NIS server, however, the JndiLoginModule ...

Hello,I am trying to run the JAAS tutorial ( http://java.sun.com/j2se/1.4.1/docs/guide/security/jgss/tutorials/AcnOnly.html)My question is: Where do I get the values for the two system properties:-Kerberos realm-Kerberos KDCDo I generate them from JDK? Do I need special software to generate ...

Hi!!!we have a consulting company who has presented a SSO solution that I do not trust at all.Imagine a situation where:1. User authenticates for access to a web server (intranet) and the user can surf this web.2.Now he wants to access his mail that is only accessible thought the intranet. ...

JAAS is basically useless by itself on a stand-alone application. I can easily unjar your code, and replace the LoginModule you created with my own and then start using your application.The loginModule must be on the server side as the administrator is not going to swap out the Login module as ...

I have a system in which we want to associate a user login with user metadata -- site, phone number, etc. What's the right way to do this if we use JAAS for our logins?If we were simply going straight to LDAP, we could keep the user's login and metadata together in one record. That makes a ...

Is there a way to find out who a person is that is accesing a web page without using some kind of password authentication?

Hi,I'm looking for a Java API that implements the SSH and SFTP protocols. Such tools are required for me to transfer files securely across the internet (I am aware of Mindterm's software but the lack of documentation makes it really difficult to understand and use).Does anyone have a ...

Is it possible to protect your Java archives and compiled code from hacking and de-compiling?Thanks, Jeff

Greetings,I'm trying to use the security packages that are supported in jdk1.4 (noneed of JCE now) in tomcat environment.In a test environment running a class test in a shell, I can access a DESalgorithm and use cipher/decipher methods. But when I'm using my class intomcat (catalina), I'm ...

I'm trying to check read access to a directory by the following code:System.setSecurityManager( new SecurityManager() );SecurityManager security = System.getSecurityManager();security.checkRead( sInputDataDirectoryFullName );This directory on UNIX has read access for others.But I become next ...

Hi everybodyI have the following problem: I'm developing an applet that uses the HTTPClient library for launch request to a servlet. This servlet runs in a iPlanet server configured for require authentication. The servlet doesn't ask for any authentication by their own. But?users are asked ...

Does anybody have an example showing how to lookup the full name of a given user (userid is known) on a Windows 2000/XP domain?Sadly the JAAS framework does not include a getFullName method on the java.security.Principal Interface :-(

Hi everyone,I'm trying to develop some stuff using JAAS. The docs saythat one is not obliged to use a CallbackHandler if he doesn't expect to communicate with the user (no prompting for login names or passwords). OK, it's possible to call:LoginContext lc = new LoginContext (String name);But ...

I want to protect an application with an electronical key. Does anyone know how to check (in the code) if there is an electronical key connected to the computer ?

The Authenticator.setDefault(x) method does NOTHING (Just Returns) IF a PlugInAuthenticator has already been set by the execution environment !! What's the point of having this API then ?I have been unable to replace the "default" PlugInAuthenticator with my own at runtime.Is this possible ...

I am decrypting some data using strong encryption - worked fine in jdk1.3.1 but installed 1.4.1 and now i get an exception that indicates i dont have permission to use such a high strength. So from the little info I managed to find on the sun site I add this to my policy file ...

Can someone share with us their custom Weblogic security realm that works with WLS 6.1? I have looked at BEA's sample for a RDBMS but would like to see how others have implemented it.My intent is to implement a custom weblogic security realm with our own proprietary LDAP policy engine. I ...

Hello, Has anyone had any luck getting principal based grants working under JDK 1.4 ? In my simple example, I want to be able to login as user Andy and read the file ../conf/Andy.txt.My policy file is below:grant codebase "file:../compile/*",Principal jaas.authentication.UserPrincipalExample ...

hi there,Please I have the same problem in an applet that uses DSA with the following call:pkey = (PublicKey) new DSAPublicKey(server_pub_key);The Exception i am having on the console is java.security.AccessControlException: access denied (java.lang.RuntimePermission ...

Hi,My application consists of several jars, of which some are third party. One of the application jars contains a couple of resources, XML files and the like. I have signed all the jars and install the whole certificate chain into cacerts keystore and I given added all the requisite permissions ...

hello,i have the following error after mykey was deleted.C:\>keytool -genkeyenter keystore password? passwordkeytool error? java.io.IOException: Keystore was tampered with, or password was incorrectdoes anyone know how to fix it?

Anyone know jcavaj ( http://www.bysoft.se/sureshot/jcavaj/)?I recently found this "tool" on the internet. It said that it would decompile my java classes! Hmmm, lets try that.Download->Unpack->Run->Try on some of my own code****, this really works, was my first thought. Then I was ...

Hello,I wrote a simple example that uses a PrivateKey to encrypt data and uses the PublicKey to decrypt the encrypted data to the original, but failed.Some exception message raised as following:==========================================================java.security.spec.InvalidKeySpecException: ...

:this runs fine:-c:\java -Djava.secuirty.manager -Djava.security.policy=pol.policy Abc:this fails: -- (entered "policy.url.3=file:/C:/sgupta/pol.policy" in j2sdk1.4.1_01\jre\lib\security\java.security )c:\java -Djava.secuirty.manager -Djava.security.policy=pol.policy AbcWHY DOES THIS ...

j2sdk1.4.1_01\jre\lib\security\cacerts storekey pwd?is there a default pwd, to list the content etc, using keytool, utility

Hi,I found out that if I run my application with the security manager installed, then the getResourceAsStream() fails to return a recource (in my case, a configuration file) UNLESS that resource is in the same jar where the application's main class. However, if in the java.policy I give the ...

I work in a university where all the students have a standard PC with the JRE installed. One of our courses requires the students to modify the file 'java.security'. Since these are shared PCs, we cannot just change the the file. I would like to be able to use a 'java.security' file in ...

Hello.We need to establish a SSL connection through a standalone java client and a secure web server (like Apache or IPlanet) making use of a smartcard. We know we have to implement, almost we think so, a security provider with our RSA Cipher implementation, overriding the provided by SUN ...

Have a small problem with signing documents. When I generate a key pair on the fly and then use the private key to sign a file it's extremely fast. Timed it at 40 milliseconds. But if I save the private key and then load it, it takes 5 seconds to sign the same document. Any idea why there is ...

I'm having serious difficulties with activating the client authentication option under tomcat 4.0.5 (for ssl working).I齧 working with Verisign test certificate and my client is IE.6.When setting the clientAuth flag to false meaning only server authentication is enabled , every thing is working ...

Hello,I'm trying to authenticate a user to a Windows 2000 domain using the GSS-API and SUNs implementation in JDK 1.4.1, but without success. The kinit tool gives the following error:Exception: krb_error 52 null (52) nullKrbException: null (52)at ...

I'm researching our options for a security layer between a fat (Swing) client and some RMI objects on an application server.Both machines are running on Windows 2000, but the authentication server is NT4, so it's a PDC, not ActiveDirectory.Ideally I want the clients to pick up their ...

(Please excuse my login name, I was having a bad day when I signed up)I'm developing an applet that uses the 1.4.1 plugin. It contains a JToolBar populated with JButtons and JComboBoxes. It works great except for the fact that *every* popup component (jcomboboxes, jpopupmenus, jtooltips(!)) ...

I was on a website message board and clicked on a post. I do not know javascript and hope someone here can look at this code below and tell me if it is a virus or not. When I clicked on the post it opened tons of screens and then caused my computer to crash. After restart it works fine, but I ...

I am writing a security service architecture, in which I should be able to encrypt messages with more or less all standard algorithms ( DES, RSA, etc.).For each possibility of encrypting there is a class that represents some kind of security module, that can be executed 'on' the message and ...

Hi,I have a question concerning an error I am encountering.Background...1. I am running a web-based application using Tomcat (Version 4.1.12) with the following version ofthe Java Software Development Kit (Version j2sdk1.4.1_01).2. I am using Windows 2000.3. I have enabled ssl via the ...

Hi, AllI am using JDK 1.4 and sun's kerberos package for Kerberos Login.In my application, the primary kerberos authenticator is tried first,if it is not available, the backup one will be tried. I've changed the kdc and realm security property accordingly and create a new LoginContext, ...

How can I capture a Windows 2000 login name from within a JSP or an applet or, better still, from some other code running on the application server from which they're downloaded?

I'm implementing J2EE security to protect my webapp resources (jsp, servlet, ejb) using Weblogic 6.1. My webapp allows users to create their own user account in create_acct.jsp, similar to that of most e-commerce sites. The question I have is: How can I add/delete users/groups from my security ...

I'm running a java routine on a Windows 2000 workstation and trying to use JAAS to authenticate against a RedHat based kerberos server. When I do a login I get the following debug information:Debug is true storeKey true useTicketCache false useKeyTab false doNotPrompt false ticketCache is null ...

Hi All,This is related to Kerberos V5 based authentication.I have a Windows 2000 Active directory that is my KDC. I havea java server and client that should use the GSS API. I am trying to authenticate the userid/password from the client.In order to do this, I need to setup a private key for ...

Hi!I would like to list all security roles that are permitted to access JSP. I don't want to parse web.xml, I would like to call some API and get an enumeration of security roles...I need this in order to develop a custom include tag. In this include tag I would like to enumerate all security ...

Hello,I have an ear i would like to give to people for then to use and test it.But i don't want them to look into and of course i don't want them to look at the source.Is there a way to do that?Loic

I only installed J2SDK1.4.0I tried many example, but always got such error info:Validation failure, cert[2] :basic constraints check failed: this is not a CA certificateI have tried many situation, including creat and sign certificate with my own CA, or certificate signed by Verusign, or just ...

I am trying to configure a tomcat (4.1.12 on solaris) webserver to redirect a web app to a secure site. I'm attempting to configure this through web.xml, but I haven't found any valuable documentation. I have added: ...

I have been using Sun's JAAS Authentication with Kerberos tutorial (../security/jgss/tutorials/AcnOnly.html), and I have a question. When I test it using my username & password, I get the message:Authentication failed: Pre-authentication information was invalid (24)My password is correct ...

I am using kerberos JAAS authentication and I am getting an error code of 52. Basically some user ids that I have use a lot of groups and as the information grows it crosses the UDP limit and fails.Is there a way to configure the JAAS to use TCP instead of ...

i was able to get a publickey using a certificate that i created using keytool, my problem now is how will i be able to get a privatekey you by deriving it from a certificate created in keytool?

Hi all,I really hope someone out there can help me. I'm trying to call a windows DLL from an applet but always get some error when the call to the DLL comes. If I run it on the command line (calling a dummy main function that only calls the dll) I don't get any error. However, with the ...

I have a policy file which allows an applet to write a specified file. This policy file works, I tested it with appletviewer -J-Djava.security.policy=mypolicy.policy file:///Example/WriteFile.htmlBut when I enter a line into the java.security it doesn't work:* ...