Menu
I am developing a server/client Java application where I need to authenticate the client before sending data, also I need to encrypt the sent data after authentication and to ensure its freshness
I am wondering what is the best library that I could use to do that?
267
Applications enable the authentication process by instantiating a LoginContext object, which in turn references a Configuration to determine the authentication technology or technologies, or LoginModule (s), to be used in performing the authentication.
There are four types of authentication available: BASIC, FORM, CLIENT-CERT and DIGEST.
The Microsoft Authentication Library for Java (MSAL4J) enables applications to integrate with the Microsoft identity platform.
Authorization of the Java Authentication and Authorization Service (JAAS) augments the existing code-centric access controls with new user-centric access controls. Permissions are granted based on what code is running and who is running it.
Take a look at the security module in the Spring framework. Pretty much covers all the common authentication and authorisation services
160
Java Authentication and Authorization Service is a part of Java spec since SE 1.4. The API is fairly well-defined, but as it has been written with goal of covering every possible auth backend (including LDAP, smart card and similar stuff) it may bring too much functionality overhead.
Apache Shiro is one of libraries/frameworks that I am aware of, that build upon JAAS, abstracting it's concepts and making them generally easier to use. The second one is jGuard, but as of Dec 2013 it seems to not being maintained anymore.
36
You could integrate with an existing LDAP (or Active Directory) registry using OpenLDAP ( http://www.openldap.org/jldap/ ).
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
