Hello all, what is the best way to implement an AA mechanism (authorization and authentication) in a Java desktop app? I have an accounting application that needs an AA mechanism.
I suggest you use Kerberos for authentication. Java has a built-in Kerberos client. You just need to have a KDC. If you have Windows AD, it can serve as a KDC.
You can use JAAS as the API to perform Kerberos authentication.
There is nothing built-in for authorization. I suggest you use role-based authorization. You have to define the roles yourself, and they can be placed inside the AuthorizationData of the Kerberos ticket.
There are many other authentication mechanisms you can use on the client. Kerberos is the only one with a standard token (ticket), so users don't have to enter their password over and over again.
Not clear what type of AA you have in mind.
If you want to do AA against Windows Active Directory, then the easiest way is to connect to the LDAP server of that directory with the user's ID and password (that's authentication) and read the list of groups (that's for authorization).
JAAS is rather generic and thus complex; for specific cases it's often better to use a simpler way.