1 Reply Latest reply on Apr 22, 2003 7:34 PM by andygodwin

    Lasting Credentials

    frobazz

      Hey all,

      I have a set of java client applications that authenticate to a set of EJBs running in JBoss using JAAS. These clients are short-lived "command-line" programs that implement a job-control system. I'd like to have the clients be able to log in once at the beginning of the session and keep around some sort of credential allowing for auto-login from the same machine/location/user for a period of time, without having to re-login - Similar in nature to cvs login.

      Does anyone know if there are any packages to support such a thing in JAAS, or will I have to write my own?

      Thanks in advance,
      frobazz (Mike Lanzetta)

        • 1. Re: Lasting Credentials
          andygodwin

          AFAIK, there's nothing in JAAS to support persistent
          logins. The login credentials are sent from the client
          with every request, so once the client-side java
          process terminates those credentials are gone.

          CVS login works by just saving the login credentials to
          a file, $HOME/.cvspass by default, I think. You could
          do a similar thing in your apps (you might want to
          encrypt the contents a bit, like CVS does). You could
          add a timeout by checking the file's creation time, for
          example.

          HTH