Java Network Security Overview - PowerPoint PPT Presentation

Provided by: smi779
Learn more at: https://www.cs.odu.edu
Transcript and Presenter's Notes

1
Java Network Security Overview
  • Paul Flynn
  • 21 Sep 2005

2
Overview
  • Authentication
  • BASIC Example
  • Forms Example
  • JAAS Usage
  • Using SSL
  • Generate a certificate
  • Deploy on Tomcat
  • Demo
  • Crypto Overview

3
Basic
  • Works like .net basic
  • Specify user database in XML file
  • Can use Tomcat manager to handle users
  • Specify in web.xml

4
Basic
    <security-constraint>
      <display-name>Example Security Constraint</display-name>
      <web-resource-collection>
        <web-resource-name>Protected Area</web-resource-name>
        <!-- Define the context-relative URL(s) to be protected -->
        <url-pattern>/testbasic.html</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <!-- Anyone with one of the listed roles may access this area -->
        <role-name>dbadmin</role-name>
      </auth-constraint>
    </security-constraint>
    <security-constraint>
      <display-name>Example Security Constraint</display-name>
      <web-resource-collection>
        <web-resource-name>Protected JPG</web-resource-name>
        <!-- Define the context-relative URL(s) to be protected -->
        <url-pattern>*.jpg</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <!-- Anyone with one of the listed roles may access this area -->
        <role-name>dbadmin</role-name>
      </auth-constraint>
    </security-constraint>

5
Forms
  • Designated in web.xml
  • Form action: j_security_check
  • Username parameter: j_username
  • Password parameter: j_password
  • Designate a login page and error page

6
    <security-constraint>
      <display-name>Example Security Constraint</display-name>
      <web-resource-collection>
        <web-resource-name>Protected JPG</web-resource-name>
        <!-- Define the context-relative URL(s) to be protected -->
        <url-pattern>*.jpg</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <!-- Anyone with one of the listed roles may access this area -->
        <role-name>manager</role-name>
      </auth-constraint>
    </security-constraint>
    <security-constraint>
      <display-name>Exclude Gifs</display-name>
      <web-resource-collection>
        <web-resource-name>Gifs ok</web-resource-name>
        <url-pattern>*.gif</url-pattern>
      </web-resource-collection>
    </security-constraint>
    <!-- Default login configuration uses form-based authentication -->
    <login-config>
      <auth-method>FORM</auth-method>
      <!-- the slide ends here; the form-login-config naming the login and error pages is not shown -->
    </login-config>

7
JAAS
  • Plug-in very flexible
  • Very hard to configure
  • Tomcat ?
  • Application servers: JBoss

8
JAAS
  • Implement the LoginModule interface
  • initialize(), login(), commit(), abort(), logout()
  • Declare a JAAS config file:

    WebLogin {
        com.jspservletcookbook.DataSourceLoginModule requisite;
    };

9
Generate Certificate for SSL
  • Use the keytool command
  • Alternative: use a certificate from a provider

    > keytool -genkey -alias tomcat -keyalg RSA
    Enter keystore password:  changeit
    What is your first and last name?
      [Unknown]:  Paul Flynn
    What is the name of your organizational unit?
      [Unknown]:  CS872
    What is the name of your organization?
      [Unknown]:  ODU
    What is the name of your City or Locality?
      [Unknown]:  Norfolk
    What is the name of your State or Province?
      [Unknown]:  VA
    What is the two-letter country code for this unit?
      [Unknown]:  VA
    Is CN=Paul Flynn, OU=CS872, O=ODU, L=Norfolk, ST=VA, C=VA correct?
      [no]:  yes
    Enter key password for <tomcat>
            (RETURN if same as keystore password):

10
Enable Tomcat Connector
  • Simply uncomment provided Connector in server.xml

    <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
               port="8443" minProcessors="5" maxProcessors="75"
               enableLookups="true" acceptCount="100" debug="0"
               scheme="https" secure="true"
               useURIValidationHack="false" disableUploadTimeout="true">
      <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
               clientAuth="false" protocol="TLS" />
    </Connector>

11
Cookies and Sessions
  • See examples
  • Cookies: http://localhost:8080/examples/servlet/CookieExample
  • Sessions: http://localhost:8080/examples/servlet/SessionExample

12
Signing Jars
  • Make a certificate (like for SSL)
  • Use jarsigner
  • jarsigner -keystore myKeystore test.jar mycert