SlideShare a Scribd company logo

Secure Jaas Authentication

Download as PPT, PDF
P
Phaniu

Mule security jaas

Technology
1 of 8
Security-Jaas
2 Jaas Security The JaasSimpleAuthenticationProvider is a security provider that provides a way to interact with the Jaas Authentication Service. The security provider for Jaas can be configured in a couple of different ways. It allows you to configure Jaas either by passing to the provider a Jaas configuration file or by passing the required attributes directly to the JaasSimpleAuthenticationProvider. These two configuration methods are described below.
3 Jaas Configuration Using the Jaas Configuration File Usually, JAAS authentication is performed in a pluggable fashion, so applications can remain independent from underlying authentication technologies. jaasTest{ org.mule.module.jaas.loginmodule.DefaultLoginModule required credentials="anon:anon;Marie.Rizzo:dragon;" };
4 The above example was saved in a file called jaas.conf. This file contains just one entry called com.ss.jaasTest, which is where the application we want to protect can be found. The entry specifies the login module that's used to authenticate the user. As a login module, you can either use Mule's DefaultLoginModule, one of the login modules that come with Sun, or else create your own. In this case, we have opted for Mule's DefaultLoginModule.
5 The required flag that follows the login module specifies that the login module must succeed for the authentication to be considered successful. Additional flags are: Required - The login module is required to succeed. If it succeeds or fails, authentication still continues to proceed down the login module list. Requisite - The login module is required to succeed. If it succeeds, authentication continues down the login module list. If it fails, control immediately returns to the application. Sufficient - The login module is not required to succeed. If it does succeed, control immediately returns to the application (authentication does not proceed down the login module list). If it fails, authentication continues down the login module list. Optional - The login module is not required to succeed. If it succeeds or fails, authentication still continues to proceed down the login module list.
6 The entry also specifies the credentials, in which we put a string of authorized users together with their passwords. The credentials are put here only when the DefaultLoginModule is going to be used, as the method in which the user names and passwords are obtained may vary from one login module to another. The format of the credentials string must adhere to the following format if the DefaultLoginModule is going to be used: <username>:<password>;
7 Configuring the Provider in the Mule Configuration File <mule xmlns="http://www.mulesource.org/schema/mule/core/3.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaas="http://www.mulesource.org/schema/mule/jaas/3.2" ...cut... <jaas:security-manager> <jaas:security-provider name="jaasSecurityProvider" loginContextName="jaasTest" loginConfig="jaas.conf"/> </jaas:security-manager>
Secure Jaas Authentication

Recommended

Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaasD.Rajesh Kumar
 
Mule security-jaas
Mule security-jaasMule security-jaas
Mule security-jaasPraneethchampion
 
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1... Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...WebStackAcademy
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...Lenur Dzhemiliev
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior
 
Secure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior
 
Sql injection attack
Sql injection attackSql injection attack
Sql injection attackRaghav Bisht
 

Recommended

Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaasD.Rajesh Kumar
 
Mule security-jaas
Mule security-jaasMule security-jaas
Mule security-jaasPraneethchampion
 
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1... Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...WebStackAcademy
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior
 
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...
OWASP Top 10 Vulnerabilities - A5-Broken Access Control; A6-Security Misconfi...Lenur Dzhemiliev
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior
 
Secure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior
 
Sql injection attack
Sql injection attackSql injection attack
Sql injection attackRaghav Bisht
 
Broken access control
Broken access controlBroken access control
Broken access controlPriyanshu Gandhi
 
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...Edureka!
 
Mule security - authorization using spring security
Mule security - authorization using spring securityMule security - authorization using spring security
Mule security - authorization using spring securityD.Rajesh Kumar
 
Security authorizationusingspringsecurity-sathyaraj
Security authorizationusingspringsecurity-sathyarajSecurity authorizationusingspringsecurity-sathyaraj
Security authorizationusingspringsecurity-sathyarajsathyaraj Anand
 
Mule validators
Mule validatorsMule validators
Mule validatorskrishashi
 
Broken access controls
Broken access controlsBroken access controls
Broken access controlsAkansha Kesharwani
 
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015gmaran23
 
ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web SecuritySharePointRadi
 
A10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and ForwardsA10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and ForwardsShane Stanley
 
SQL Injection
SQL InjectionSQL Injection
SQL InjectionAsish Kumar Rath
 
Web Security: SQL Injection
Web Security: SQL InjectionWeb Security: SQL Injection
Web Security: SQL InjectionVortana Say
 
Obiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsObiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsRavi Kumar Lanke
 
Application security [appsec]
Application security [appsec]Application security [appsec]
Application security [appsec]Judy Ngure
 
REPRODUCCIÓN
REPRODUCCIÓNREPRODUCCIÓN
REPRODUCCIÓNlaurajj
 
SISTEMA SENSORIAL
SISTEMA SENSORIALSISTEMA SENSORIAL
SISTEMA SENSORIALlaurajj
 
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...Water, Land and Ecosystems (WLE)
 
Irregular Periods and Polycystic Ovary Syndrome
Irregular Periods and Polycystic Ovary SyndromeIrregular Periods and Polycystic Ovary Syndrome
Irregular Periods and Polycystic Ovary SyndromeBH KADIN SAĞLIĞI
 
Banana plant deficiency symptoms and corrective measures
Banana plant deficiency symptoms and corrective measures Banana plant deficiency symptoms and corrective measures
Banana plant deficiency symptoms and corrective measures KisanConnect.com
 
Amazing Benefits of Vegetable Hair Dye
Amazing Benefits of Vegetable Hair DyeAmazing Benefits of Vegetable Hair Dye
Amazing Benefits of Vegetable Hair DyeMedisys Kart
 
Building Institutions for Groundwater Governance in Andhra Pradesh, India
Building Institutions for Groundwater Governance in Andhra Pradesh, IndiaBuilding Institutions for Groundwater Governance in Andhra Pradesh, India
Building Institutions for Groundwater Governance in Andhra Pradesh, IndiaWater, Land and Ecosystems (WLE)
 
MULE-JAAS
MULE-JAASMULE-JAAS
MULE-JAASD.Rajesh Kumar
 
Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaashimajareddys
 

More Related Content

What's hot

What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...Edureka!
 
Mule security - authorization using spring security
Mule security - authorization using spring securityMule security - authorization using spring security
Mule security - authorization using spring securityD.Rajesh Kumar
 
Security authorizationusingspringsecurity-sathyaraj
Security authorizationusingspringsecurity-sathyarajSecurity authorizationusingspringsecurity-sathyaraj
Security authorizationusingspringsecurity-sathyarajsathyaraj Anand
 
Mule validators
Mule validatorsMule validators
Mule validatorskrishashi
 
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015gmaran23
 
A10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and ForwardsA10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and ForwardsShane Stanley
 
Web Security: SQL Injection
Web Security: SQL InjectionWeb Security: SQL Injection
Web Security: SQL InjectionVortana Say
 
Obiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsObiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsRavi Kumar Lanke
 
Application security [appsec]
Application security [appsec]Application security [appsec]
Application security [appsec]Judy Ngure
 

What's hot (13)

Broken access control
Broken access controlBroken access control
Broken access control
 
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
What is SQL Injection Attack | How to prevent SQL Injection Attacks? | Cybers...
 
Mule security - authorization using spring security
Mule security - authorization using spring securityMule security - authorization using spring security
Mule security - authorization using spring security
 
Security authorizationusingspringsecurity-sathyaraj
Security authorizationusingspringsecurity-sathyarajSecurity authorizationusingspringsecurity-sathyaraj
Security authorizationusingspringsecurity-sathyaraj
 
Mule validators
Mule validatorsMule validators
Mule validators
 
Broken access controls
Broken access controlsBroken access controls
Broken access controls
 
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
Beefing Up Security In ASP.NET Dot Net Bangalore 3rd meet up on May 16 2015
 
ASP.NET Web Security
ASP.NET Web SecurityASP.NET Web Security
ASP.NET Web Security
 
A10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and ForwardsA10 - Unvalidated Redirects and Forwards
A10 - Unvalidated Redirects and Forwards
 
SQL Injection
SQL InjectionSQL Injection
SQL Injection
 
Web Security: SQL Injection
Web Security: SQL InjectionWeb Security: SQL Injection
Web Security: SQL Injection
 
Obiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissionsObiee 11g security creating users groups and catalog permissions
Obiee 11g security creating users groups and catalog permissions
 
Application security [appsec]
Application security [appsec]Application security [appsec]
Application security [appsec]
 

Viewers also liked

REPRODUCCIÓN
REPRODUCCIÓNREPRODUCCIÓN
REPRODUCCIÓNlaurajj
 
SISTEMA SENSORIAL
SISTEMA SENSORIALSISTEMA SENSORIAL
SISTEMA SENSORIALlaurajj
 
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...Water, Land and Ecosystems (WLE)
 
Irregular Periods and Polycystic Ovary Syndrome
Irregular Periods and Polycystic Ovary SyndromeIrregular Periods and Polycystic Ovary Syndrome
Irregular Periods and Polycystic Ovary SyndromeBH KADIN SAĞLIĞI
 
Banana plant deficiency symptoms and corrective measures
Banana plant deficiency symptoms and corrective measures Banana plant deficiency symptoms and corrective measures
Banana plant deficiency symptoms and corrective measures KisanConnect.com
 
Amazing Benefits of Vegetable Hair Dye
Amazing Benefits of Vegetable Hair DyeAmazing Benefits of Vegetable Hair Dye
Amazing Benefits of Vegetable Hair DyeMedisys Kart
 
Building Institutions for Groundwater Governance in Andhra Pradesh, India
Building Institutions for Groundwater Governance in Andhra Pradesh, IndiaBuilding Institutions for Groundwater Governance in Andhra Pradesh, India
Building Institutions for Groundwater Governance in Andhra Pradesh, IndiaWater, Land and Ecosystems (WLE)
 

Viewers also liked (7)

REPRODUCCIÓN
REPRODUCCIÓNREPRODUCCIÓN
REPRODUCCIÓN
 
SISTEMA SENSORIAL
SISTEMA SENSORIALSISTEMA SENSORIAL
SISTEMA SENSORIAL
 
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
Tapping Irrigation’s Potential for Women’s Empowerment: Findings from Ethiopi...
 
Irregular Periods and Polycystic Ovary Syndrome
Irregular Periods and Polycystic Ovary SyndromeIrregular Periods and Polycystic Ovary Syndrome
Irregular Periods and Polycystic Ovary Syndrome
 
Banana plant deficiency symptoms and corrective measures
Banana plant deficiency symptoms and corrective measures Banana plant deficiency symptoms and corrective measures
Banana plant deficiency symptoms and corrective measures
 
Amazing Benefits of Vegetable Hair Dye
Amazing Benefits of Vegetable Hair DyeAmazing Benefits of Vegetable Hair Dye
Amazing Benefits of Vegetable Hair Dye
 
Building Institutions for Groundwater Governance in Andhra Pradesh, India
Building Institutions for Groundwater Governance in Andhra Pradesh, IndiaBuilding Institutions for Groundwater Governance in Andhra Pradesh, India
Building Institutions for Groundwater Governance in Andhra Pradesh, India
 

Similar to Secure Jaas Authentication

Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaashimajareddys
 
IBM Streams V4.1 and JAAS Login Module Support
IBM Streams V4.1 and JAAS Login Module SupportIBM Streams V4.1 and JAAS Login Module Support
IBM Streams V4.1 and JAAS Login Module Supportlisanl
 
Steps to mitigate Top 5 OWASP Vulnerabilities 2013
Steps to mitigate Top 5 OWASP Vulnerabilities 2013Steps to mitigate Top 5 OWASP Vulnerabilities 2013
Steps to mitigate Top 5 OWASP Vulnerabilities 2013Jayasree Veliyath
 
Sap Access Risks Procedures
Sap Access Risks ProceduresSap Access Risks Procedures
Sap Access Risks ProceduresInprise Group
 
Spring security4.x
Spring security4.xSpring security4.x
Spring security4.xZeeshan Khan
 
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM csandit
 
Chapter 6 : Attack Execution (2)
Chapter 6 : Attack Execution (2)Chapter 6 : Attack Execution (2)
Chapter 6 : Attack Execution (2)Dr.Sami Khiami
 
Getting Started with IBM i Security: User Privileges
Getting Started with IBM i Security: User PrivilegesGetting Started with IBM i Security: User Privileges
Getting Started with IBM i Security: User PrivilegesHelpSystems
 
5 Reasons to Always Keep an Eye on Privileged Business Accounts
5 Reasons to Always Keep an Eye on Privileged Business Accounts5 Reasons to Always Keep an Eye on Privileged Business Accounts
5 Reasons to Always Keep an Eye on Privileged Business AccountsAnayaGrewal
 
Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP SecurityNasir Gondal
 
Validation module in mule
Validation module in muleValidation module in mule
Validation module in muleAnkit Lawaniya
 
Managing Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | SysforeManaging Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | SysforeSysfore Technologies
 
Configurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and ComplianceConfigurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and CompliancePortalGuard
 
Spring security jwt tutorial toptal
Spring security jwt tutorial toptalSpring security jwt tutorial toptal
Spring security jwt tutorial toptaljbsysatm
 
Railsplitter: Simplify Your CRUD
Railsplitter: Simplify Your CRUDRailsplitter: Simplify Your CRUD
Railsplitter: Simplify Your CRUDFlurry, Inc.
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsPortalGuard
 

Similar to Secure Jaas Authentication (20)

MULE-JAAS
MULE-JAASMULE-JAAS
MULE-JAAS
 
Mule security - jaas
Mule security - jaasMule security - jaas
Mule security - jaas
 
IBM Streams V4.1 and JAAS Login Module Support
IBM Streams V4.1 and JAAS Login Module SupportIBM Streams V4.1 and JAAS Login Module Support
IBM Streams V4.1 and JAAS Login Module Support
 
Steps to mitigate Top 5 OWASP Vulnerabilities 2013
Steps to mitigate Top 5 OWASP Vulnerabilities 2013Steps to mitigate Top 5 OWASP Vulnerabilities 2013
Steps to mitigate Top 5 OWASP Vulnerabilities 2013
 
Sap Access Risks Procedures
Sap Access Risks ProceduresSap Access Risks Procedures
Sap Access Risks Procedures
 
Spring security4.x
Spring security4.xSpring security4.x
Spring security4.x
 
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM
 
Chapter 6 : Attack Execution (2)
Chapter 6 : Attack Execution (2)Chapter 6 : Attack Execution (2)
Chapter 6 : Attack Execution (2)
 
Sap basis and_security_administration
Sap basis and_security_administrationSap basis and_security_administration
Sap basis and_security_administration
 
Getting Started with IBM i Security: User Privileges
Getting Started with IBM i Security: User PrivilegesGetting Started with IBM i Security: User Privileges
Getting Started with IBM i Security: User Privileges
 
5 Reasons to Always Keep an Eye on Privileged Business Accounts
5 Reasons to Always Keep an Eye on Privileged Business Accounts5 Reasons to Always Keep an Eye on Privileged Business Accounts
5 Reasons to Always Keep an Eye on Privileged Business Accounts
 
Introduction to SAP Security
Introduction to SAP SecurityIntroduction to SAP Security
Introduction to SAP Security
 
Validation module in mule
Validation module in muleValidation module in mule
Validation module in mule
 
Managing Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | SysforeManaging Cloud identities in Hybrid Cloud | Sysfore
Managing Cloud identities in Hybrid Cloud | Sysfore
 
Configurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and ComplianceConfigurable Password Management: Balancing Usability and Compliance
Configurable Password Management: Balancing Usability and Compliance
 
Spring security jwt tutorial toptal
Spring security jwt tutorial toptalSpring security jwt tutorial toptal
Spring security jwt tutorial toptal
 
Railsplitter: Simplify Your CRUD
Railsplitter: Simplify Your CRUDRailsplitter: Simplify Your CRUD
Railsplitter: Simplify Your CRUD
 
Java EE Services
Java EE ServicesJava EE Services
Java EE Services
 
Saas security
Saas securitySaas security
Saas security
 
Sever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple PasswordsSever-based Password Synchronization: Managing Multiple Passwords
Sever-based Password Synchronization: Managing Multiple Passwords
 

More from Phaniu

Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gatewayPhaniu
 
Data weave
Data weave Data weave
Data weave Phaniu
 
How to use expression filter
How to use expression filterHow to use expression filter
How to use expression filterPhaniu
 
How to use message properties component
How to use message properties componentHow to use message properties component
How to use message properties componentPhaniu
 
Mapping and listing with mule
Mapping and listing with muleMapping and listing with mule
Mapping and listing with mulePhaniu
 
Mmc rest api user groups
Mmc rest api user groupsMmc rest api user groups
Mmc rest api user groupsPhaniu
 
Mule esb stripe
Mule esb stripeMule esb stripe
Mule esb stripePhaniu
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollectionPhaniu
 
Mule esb
Mule esbMule esb
Mule esbPhaniu
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollectionPhaniu
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollectionPhaniu
 
Mule esb
Mule esbMule esb
Mule esbPhaniu
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollectionPhaniu
 
Mule security jaas
Mule security jaasMule security jaas
Mule security jaasPhaniu
 
Mule security saml
Mule security samlMule security saml
Mule security samlPhaniu
 
Mule soa
Mule soaMule soa
Mule soaPhaniu
 
Mule soap
Mule soapMule soap
Mule soapPhaniu
 
Mule soap
Mule soapMule soap
Mule soapPhaniu
 

More from Phaniu (20)

Anypoint data gateway
Anypoint data gatewayAnypoint data gateway
Anypoint data gateway
 
Data weave
Data weave Data weave
Data weave
 
How to use expression filter
How to use expression filterHow to use expression filter
How to use expression filter
 
How to use message properties component
How to use message properties componentHow to use message properties component
How to use message properties component
 
Mapping and listing with mule
Mapping and listing with muleMapping and listing with mule
Mapping and listing with mule
 
Mmc rest api user groups
Mmc rest api user groupsMmc rest api user groups
Mmc rest api user groups
 
Mmc
MmcMmc
Mmc
 
Mmc 2
Mmc 2Mmc 2
Mmc 2
 
Mule esb stripe
Mule esb stripeMule esb stripe
Mule esb stripe
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollection
 
Mule esb
Mule esbMule esb
Mule esb
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollection
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollection
 
Mule esb
Mule esbMule esb
Mule esb
 
Mule for each scope headerc ollection
Mule for each scope headerc ollectionMule for each scope headerc ollection
Mule for each scope headerc ollection
 
Mule security jaas
Mule security jaasMule security jaas
Mule security jaas
 
Mule security saml
Mule security samlMule security saml
Mule security saml
 
Mule soa
Mule soaMule soa
Mule soa
 
Mule soap
Mule soapMule soap
Mule soap
 
Mule soap
Mule soapMule soap
Mule soap
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 

Secure Jaas Authentication

  • 2. 2 Jaas Security The JaasSimpleAuthenticationProvider is a security provider that provides a way to interact with the Jaas Authentication Service. The security provider for Jaas can be configured in a couple of different ways. It allows you to configure Jaas either by passing to the provider a Jaas configuration file or by passing the required attributes directly to the JaasSimpleAuthenticationProvider. These two configuration methods are described below.
  • 3. 3 Jaas Configuration Using the Jaas Configuration File Usually, JAAS authentication is performed in a pluggable fashion, so applications can remain independent from underlying authentication technologies. jaasTest{ org.mule.module.jaas.loginmodule.DefaultLoginModule required credentials="anon:anon;Marie.Rizzo:dragon;" };
  • 4. 4 The above example was saved in a file called jaas.conf. This file contains just one entry called com.ss.jaasTest, which is where the application we want to protect can be found. The entry specifies the login module that's used to authenticate the user. As a login module, you can either use Mule's DefaultLoginModule, one of the login modules that come with Sun, or else create your own. In this case, we have opted for Mule's DefaultLoginModule.
  • 5. 5 The required flag that follows the login module specifies that the login module must succeed for the authentication to be considered successful. Additional flags are: Required - The login module is required to succeed. If it succeeds or fails, authentication still continues to proceed down the login module list. Requisite - The login module is required to succeed. If it succeeds, authentication continues down the login module list. If it fails, control immediately returns to the application. Sufficient - The login module is not required to succeed. If it does succeed, control immediately returns to the application (authentication does not proceed down the login module list). If it fails, authentication continues down the login module list. Optional - The login module is not required to succeed. If it succeeds or fails, authentication still continues to proceed down the login module list.
  • 6. 6 The entry also specifies the credentials, in which we put a string of authorized users together with their passwords. The credentials are put here only when the DefaultLoginModule is going to be used, as the method in which the user names and passwords are obtained may vary from one login module to another. The format of the credentials string must adhere to the following format if the DefaultLoginModule is going to be used: <username>:<password>;
  • 7. 7 Configuring the Provider in the Mule Configuration File <mule xmlns="http://www.mulesource.org/schema/mule/core/3.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaas="http://www.mulesource.org/schema/mule/jaas/3.2" ...cut... <jaas:security-manager> <jaas:security-provider name="jaasSecurityProvider" loginContextName="jaasTest" loginConfig="jaas.conf"/> </jaas:security-manager>