JAAS Common Classes - PowerPoint PPT Presentation

Provided by: ecstCs
1
JAAS Common Classes
  • Daniel Jones
  • http://java.sun.com/security/jaas/doc/api.html

2
Subject
  • Represents a grouping of related information for
    a single entity (source of request). i.e. person
    or service.
  • Contains Sets of Principals and Credentials

3
Creating a subject instance
  • public Subject() //sets are empty (not null)
  • public Subject(boolean readOnly, Set principals,
    Set pubCredentials, Set privCredentials)

4
Principals
  • Associated identity
  • Must implement the java.security.Principal and
    java.io.Serializable interfaces
  • Principal("John Doe")
  • Principal("123-45-6789")

5
Credentials
  • Security-related attributes
  • Can be public or private
  • Any Java class can represent a credential
  • Examples
  • Cryptographic keys
  • Public key certificates

6
Retrieving Principals
  • public Set getPrincipals()
  • public Set getPrincipals( Class c )
  • Returns only principals that were an instance of
    class c
  • Returns an empty set if there were none

7
Retrieving Credentials
  • Works the same as getPrincipals()
  • public Set getPublicCredentials()
  • public Set getPublicCredentials( Class c )
  • public Set getPrivateCredentials()
  • public Set getPrivateCredentials( Class c )

8
Setting Principals and Credentials
  • java.util.Set class
  • Subject subject;
  • Principal principal;
  • Object credential;
  • //add a principal and credential to the subject
  • subject.getPrincipals().add(principal);
  • subject.getPublicCredentials().add(credential);

9
Setting Principals and Credentials
  • getPrincipals(), getPublicCredentials() and
    getPrivateCredentials()
  • These return the original sets. Modifying them
    will change the original.
  • getPrincipals( Class c ), getPublicCredentials(
    Class c ), and getPrivateCredentials( Class c )
  • These return copies of the original sets.
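
Added example (not from the original slides): a Java program showing the live sets and the class-filtered copies described on this slide, plus setReadOnly() freezing the Subject. NamePrincipal and the sample names are constructed for illustration, and no Security Manager is assumed.

```java
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;

public class SubjectSetsDemo {
    // Hypothetical Principal type, constructed for this example (Java 16+ record).
    record NamePrincipal(String name) implements Principal, java.io.Serializable {
        @Override public String getName() { return name; }
    }

    public static void main(String[] args) {
        Subject subject = new Subject();
        subject.getPrincipals().add(new NamePrincipal("BOB"));

        // Class-filtered getter: a new set per call, not backed by the Subject.
        Set<NamePrincipal> snapshot = subject.getPrincipals(NamePrincipal.class);

        // No-argument getter: a live view of the Subject's own set.
        Set<Principal> live = subject.getPrincipals();
        live.add(new NamePrincipal("MOE"));
        live.add(new X500Principal("CN=Bob, O=Example"));

        System.out.println("subject principals: " + subject.getPrincipals().size());
        System.out.println("earlier snapshot:   " + snapshot.size());
        System.out.println("NamePrincipal only: "
                + subject.getPrincipals(NamePrincipal.class).size());

        // Any code handed this Subject can add identities through the live
        // view. Freezing the Subject closes that path.
        subject.setReadOnly();
        try {
            live.add(new NamePrincipal("EVE"));
        } catch (IllegalStateException e) {
            System.out.println("read-only Subject rejected the add");
        }
        System.out.println("final principals:   " + subject.getPrincipals().size());
    }
}
```

The snapshot taken before the two adds does not grow, while the Subject itself does; after setReadOnly() the live view refuses further changes.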

10
doAs method
  • public static Object doAs(final Subject subject,
    final java.security.PrivilegedAction action)
  • public static Object doAs(final Subject subject,
    final java.security.PrivilegedExceptionAction
    action) throws java.security.PrivilegedActionException
  • Both methods first associate the specified
    subject with the current Thread's
    AccessControlContext and then execute the action.
    This achieves the effect of having the action run
    as the subject.

11
doAs Example assumptions
  • Assume that a subject with a Principal of class
    com.ibm.security.Principal named "BOB" has been
    authenticated by a LoginContext lc.
  • Assume a Security Manager has been installed.

12
doAs Example Control Policy
  • //grant BOB permission to read the file,
    foo.txt
  • grant Principal com.ibm.security.Principal "BOB" {
  • permission java.io.FilePermission "foo.txt",
    "read";
  • };

13
doAs Example
  • class ExampleAction implements
    java.security.PrivilegedAction {
  • public Object run() {
  • java.io.File f = new java.io.File("foo.txt");
  • //the following call invokes a security check
  • if (f.exists()) System.out.println("exists");
  • return null;
  • } }

14
doAs Example
  • public class Example1 {
  • public static void main(String[] args) {
  • //authenticate the subject BOB
  • Subject bob;
  • //perform ExampleAction as BOB
  • Subject.doAs(bob, new ExampleAction());
  • } }
15
doAs Example Results
  • ExampleAction passes the security check
  • If Principal MOE tries to access it,
    SecurityException will be thrown.