MIDRANGE dot COM Mailing List Archive



Home » JAVA400-L » April 2008

Re: EIM single-signon



fixed

Hi
Use CallBackHandler and GSS to get AS400 object
This is code i have
//BeanCallbackHandler.java
import java.io.IOException;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import
javax.security.auth.callback.UnsupportedCallbackException;

public class BeanCallbackHandler
implements CallbackHandler
{

String name;
String password;

public BeanCallbackHandler(String name, String
password)
{
this.name = null;
this.password = null;
this.name = name;
this.password = password;
}

public void handle(Callback callbacks[])
throws UnsupportedCallbackException,
IOException
{
for(int i = 0; i < callbacks.length; i++)
{
Callback callBack = callbacks[i];
if(callBack instanceof NameCallback)
{
NameCallback nameCallback =
(NameCallback)callBack;
nameCallback.setName(name);
} else
if(callBack instanceof PasswordCallback)
{
PasswordCallback passwordCallback =
(PasswordCallback)callBack;

passwordCallback.setPassword(password.toCharArray());
} else
{
throw new
UnsupportedCallbackException(callBack, "Call back not
supported");
}
}

}
}
//LoginGSS.java
import java.security.PrivilegedAction;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;

import org.apache.log4j.Logger;

import com.ibm.as400.access.AS400;

// Referenced classes of package com.pfizer.maps.data:
// BeanCallbackHandler

public class LoginGSS
implements PrivilegedAction
{

private String as400Name;
private Logger logger;
public LoginGSS()
{
logger =
Logger.getLogger(this.getClass().getName());
}

public Object getAS400(String userId, String
password, String as400Name)
throws Exception
{
this.as400Name = as400Name;
String confName = "GSSClient";
BeanCallbackHandler beanCallbackHandler = new
BeanCallbackHandler(userId, password);
LoginContext lc = new LoginContext(confName,
beanCallbackHandler);
lc.login();
logger.debug("logged in successfully ");
Subject sub = lc.getSubject();
return Subject.doAs(sub, this);
}

public Object run()
{
try
{
// System.out.println("in run method ");
AS400 as400 = new AS400(as400Name);
// AS400Con as400 = new
AS400Con(as400Name,"", "", "2");
// as400.getAS400().connectService(2);
//System.out.println("create as400
oject");
as400.connectService(2);
logger.debug("user " + as400.getUserId() +
" system " + as400.getSystemName());
return as400;
}
catch(Exception exc)
{
logger.error(exc.getMessage());
exc.printStackTrace();
}
return null;
}
}


Apart from that you will need a krb5.ini file and
login.conf file in tomcat application server,

You can google information about krb5.ini file

Ashish



--- Justin Taylor <JUSTIN@xxxxxxxxxxxxx> wrote:

We are using the techniques detailed in the
"Windows-based Single Signon and the EIM Framework"
Redbook. User/password authentication is performed
by a Windows Active Directory server. iSeries
authentication is performed by EIM/NAS. I have it
working for iSeries Access and NetServer but now I
need to get JT400.jar to work.

Does anyone have any samples or references?


--
This is the Java Programming on and around the
iSeries / AS400 (JAVA400-L) mailing list
To post a message email: JAVA400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/java400-l
or email: JAVA400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the
archives
at http://archive.midrange.com/java400-l.





____________________________________________________________________________________
You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
http://tc.deals.yahoo.com/tc/blockbuster/text5.com





Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact