User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - NSAPI PROGRAMMER GUIDE

241

242

243

244

245

246

247

248

249

250

Chapter 7: Developing Applications

7-10

public static void main(String args[]) {

ISSsoJaas sample = new ISSsoJaas();

try{

if (sample.login()) {

sample.authorize();

}

else{

System.out.println("Login failed");

}

catch(Exception ex){

ex.printStackTrace();

}

Converting CallbackHandler to an Instance

To use JAAS, CallbackHandler must be converted to an instance. The single sign-on JavaAPI supports

a CallbackHandler implementation class with the class name:

com.fujitsu.interstage.sso.auth.callback.ISCallbackHandler.

The information required for authentication is passed from CallbackHandler to LoginModule via Callback.

For a Java application that receives a user ID/password from a client for authentication, convert

ISCallbackHandler with the user ID/password obtained from the client.

CallbackHandler myHandler = new ISCallbackHandler(username, password);

When developing an application as a stand-alone application, security must be considered. For

example, use javax.net.ssl.SSLSocket for communication with a client.

For a servlet application that receives authentication information from a client, convert

ISCallbackHandler to an instance with information indicating SSO authentication success obtained from

the client. The target information is stored in a Cookie with the key name fj-is-sso-credential. The key

name is defined in variable COOKIE_KEY of class

com.fujitsu.interstage.sso.auth.ISAuthorizationCredential. The code is shown below.

Cookie cookie = null;

Cookie[] cookies = request.getCookies();

if (cookies != null){

for (int i=0; i< cookies.length;i++){

if (cookies[i].getName().equals(

ISAuthorizationCredential.COOKIE_KEY)){

cookie = cookies[i];

}

String credentialStr = cookie.getValue();

CallbackHandler myHandler = new ISCallbackHandler(credentialStr);