Tuesday, June 5, 2007

Weblogic etc..

Pre Compile Java Server Pages (JSP) using ANT :


<java classname="weblogic.jspc" fork="true" failonerror="true" dir="${war.home}">
          <jvmarg value="-Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0"/>
          <jvmarg value="-Dweblogic.jsp.windows.caseSensitive=true"/>
          <classpath>
            <pathelement path="${weblogic-related.jars}"/>
            <pathelement path="${application-related.jars}"/>
            <pathelement path="${java.class.path}"/>
          </classpath>
          <arg line="-depend -compileAll -keepgenerated -d WEB-INF/classes ."/>
</java>




Weblogic.9.2 and JDK 1.5.0_011.
Weblogic 9.2 comes with JDK 1.5.0.04 version. If you need to point to JDK version 1.5.0_011, then you need to use a parameter:
-Dcom.sun.xml.namespace.QName.useCompatibleSerialVersionUID=1.0

Make sure the domain is using the right JDK version. Make use of this parameter in startWeblogic.cmd/.sh files. Also can be used when running Ant tasks.


Posted by at

Java Utils

Some of my past works include the use of various JDK API:

Adler32 API Usage:
What is this API used for ?
Checksum is the answer. To compute the Adler-32 checksum of a data stream.
We need this in order to know if a data stream has changed in time.
Set the checksum and then read the file again to see if the checksum has changed. if so , meaning file has changed.
Check the code here.


 String fileContents = null;
 long adlerCheckSumValue = 0l;
 // read the file contents into fileContents as a string.
 Adler32 adlerCheckSum = new Adler32();
 checkSum.update(fileContents.getBytes());
 adlerCheckSumValue = adlerCheckSum .getValue();

 OR

 //get the check sum value from the given input stream.
  
 CheckedInputStream cis = new CheckedInputStream(inputStream, adlerCheckSum );
while (cis.read() != -1) {
         //Do nothing here
      }

      adlerCheckSumValue  =  adlerCheckSum .getValue();






Simple log4j logging configuration for simple utilities:
The Pattern logs this way :

[ INFO ]:: 2007-06-26 17:42:42,001:: com.xxx.xxx.xx.XXXXX.main(XXXXX.java:147):: This is the log message...


String pattern =  "[ %p ]";
        pattern += ":: %d";        
        pattern += ":: %l";
        pattern += ":: %m %n"; 
 
        PatternLayout layout = new PatternLayout(pattern);
        FileAppender appender = new FileAppender(layout, filePath);
        Logger logger = Logger.getLogger(theClass);
        logger.addAppender(appender);

filepath is the absolute path with log file name.
theClass is the class object.
Posted by at
Labels: , ,

Friday, June 1, 2007

Authentication using JAAS and Kerberos


A lot of Organizations tend to use Kerberos for authentication and JAAS does support Kerberos for authenticating users. Well here is a step-by-step approach to Kerberos authentication with JAAS. I am not going to talk about Kerberos server or the installation. It is all about authentication. Please see the list of issues below.

-Djava.security.krb5.conf=krb5.conf
-Djava.security.auth.login.config=$FILE-PATH\kerberoscontext.conf -Djava.security.krb5.realm=ABC.NET
-Djava.security.krb5.kdc=ABC.XYZ.NET

The above configurations are required and I will explain each one of them.

1. Create a file krb5.conf and here are the contents of the file.
Place this file in JAVA_HOME/jre/lib/security. This is required by this configuration here -Djava.security.krb5.conf=krb5.conf. No need of file path.

[libdefaults]
default_realm = ABC.NET
dns_lookup_kdc = true

[domain_realm]
.abc.net = ABC.NET

You need to get this information from the Organization's Kerberos management team or administrators. You need to know Kerberos REALM and Kerberos KDC.

2. Create a Kerberos login module configuration file (kerberoscontext.conf). Place this file anywhere you like, but you need to mention the absolute file path within this configuration parameter : -Djava.security.auth.login.config=$FILE-PATH>\kerberoscontext.conf . This file is a JAAS requirement.

Kerberos5LoginModule {
com.sun.security.auth.module.Krb5LoginModule required debug="true"
};

One can add more parameters depending upon the needs. This is the minimum requirements.

3. Now you need to develop a Security Service or Manager which can authenticate based on the user input (user & password). You can find the complete code here AuthenticationService.

4. You also need to develop a Login Module Adapter. This makes the Authentication Service decoupled from the type of Authentication(Kerberos, NT, AD, Unix etc.). This is very important even if you know what type of authentication you are going to use. This type of Design is very important when you are involved in Agile development. Agile Development warrants a developer with adding code incrementally and adding functionality incrementally. Adding functionality will certainly add code, but adding code might not add functionality to the application. Check the code for Login Module Adapter. KerberosLoginModuleAdapter.


5. AuthenticationService is an implementation of IAuthenticationService. This interface has a method authenticate(user, password). This method needs to be implemented. Once the user is authenticated , the necessary data is captured within A User object (for e.g IUser). This object can be used within the application as per the needs.

6. Develop a test program to test authentication. Pass the above -D parameters as VM parameters to the test program.

References:
JAAS API
Kerberos reference.

Posted by at
Labels:
Subscribe to: Posts (Atom)