|
Sponsored Links
Resources
Enterprise Java
Research Library
Get Java white papers, product information, case studies and webcasts
|
News
News
News
|
Messages: 9
Messages: 9
Messages: 9
Printer friendly
Printer friendly
Printer friendly
Post reply
Post reply
Post reply
XML
XML
XML
|
 |
Wedgetail Releases JCSI Single Signon
Wedgetail has announced a Java Crypto and Security Implementation (JCSI) Single Sign-On product. Wedgetail allows J2EE appservers running on windows to use Windows Integrated Authentication (MS Active Directory) to provide single sign-on to deployed J2EE apps, allowing users/passwords to be managed using standard windows infrastructure.
Check out Wedgetail and their press release .
|
|
|
Message #79895
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
What about JCIFS
I have used jcifs from samba.org to do the same kind of thing?
How does this compare?
Thank You
Jim Tyrrell
|
|
|
Message #79909
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
Directory Service not equal Single-sign-on
MS ActiveDirectory is only a type of data store. Not provide SSO API and SPI to developer.
|
|
|
Message #79910
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
I think you might be a bit confused
CIFS = Common Internet File System
jCIFS is the Java implementation of that standard
|
|
|
Message #79911
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
DS implementation
Do you guys know of anyone that has a similar product that talks to Sun's Directory Server?
|
|
|
Message #79948
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
Sorry
Sorry to sound confused. I have used the NTLM filter with great success.
How does what this product is doing compare to that?
Is the vendor here to answer?
Thank You
Jim Tyrrell
|
|
|
Message #80091
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
NTLM vs WIA
[I work for the vendor so treat accordingly :-)] The previous poster
covered one of the main differences between the NTLM filter provided by
jCIFS and our product. NTLM uses an MD5 hash of the password to
authenticate users in a manner that is "plaintext equivalent" (meaning
that if you get the hash then you break the scheme). The Windows
Integrated Authentication mechanism uses the SPNEGO protocol with
Kerberos to provide a much more secure authentication mechanism, and
also provides mutual authentication with the server. (I'll be honest
and say the SPNEGO protocol is not secure against active
man-in-the-middle attacks, but is still _much_ more secure than NTLM).
However, there are quite a few other benefits. By default, Internet
Explorer will send a delegated credential to the web server which
allows you to do "pass-through authentication" to another Kerberized
service. We currently have an example that shows you how to do this to
IIS or another J2EE app server running our SSO filter. In a future
release, we will add support for doing this to DB2 via it's Kerberized
JDBC driver and provide transparent delegation using the
HttpUrlConnection. This ideal for securely "front-ending" a J2EE
application to Microsoft stuff (like ASP .NET et al).
SPNEGO is also the current default security mechanism for Microsoft
SOAP web services. Although I may be made to wash my mouth out for
saying this in a J2EE forum, we have an example that shows how to write
a C# .NET client that talks securely to a Web Service using the Java
Web Services Developer pack.
Lastly, the next release of our product will add support for doing J2EE
authorization using Active Directory groups using the PAC information
present in the Kerberos ticket. This provide a secure mechanism that
allows authorisation to be centrally managed across many (J2EE or
non-J2EE) applications.
Hope that helps.
Dean.
|
|
|
Message #158930
Post reply
Post reply
Post reply
Go to top
Go to top
Go to top
|
|
NTLM vs WIA
NTLM uses an MD5 hash of the password to
authenticate users in a manner that is "plaintext equivalent" (meaning
that if you get the hash then you break the scheme).
This is just false. The plain text equivalent hash is never transmitted over the wire. All hashes are salted with a session challenge.
But yes SPEGNO is better than NTLM for a variety of reasons.
Mike
|
|
|
| New content on TheServerSide.comNew content on TheServerSide.comNew content on TheServerSide.com |
|
|
Reza Rahman continues to explore the features of the proposed JSR 299, Contexts and Dependency Injection for Java EE (CDI). When approved, it promises to be a key feature of Java EE 6.
(January 21, Article)
Ted Neward is an independent consultant specializing in high-scale enterprise systems, and an authority in Java and .NET technologies. He is the author and co-author of several books, including Effective Enterprise Java. At TheServerSide Java Symposium in March, he will be presenting sessions on pragmatic architecture, ECMAScript and Scala.
(January 15, Article)
Now that Oracle is absorbing Sun Microsystems, there mixed views on what should come of the Java Community Process (JCP). While some say Oracle should become the new steward of Java and keep the JCP much as it was, others argue that it may be time to open-source this widespread language.
(November 24, Article)
Reza Rahman explores the features of the proposed JSR 299, Contexts and Dependency Injection for Java EE (CDI). When approved, it promises to be a key feature of Java EE 6.
(November 2, Article)
SAML is an XML-based standard for exchanging authentication and authorization data between security domains. The single most important problem that SAML was created to solve is the Web browser Single Sign-On problem. Many organizations are debating whether to stay with version 1.1 or move to 2.0. This article makes observations about both options.
(September 28, Article)
Joe Ottinger takes a look at how people learn, and applies it to the practice of programming. He notes that understanding how people learn is an essential part of working in a programming team.
(September 22, Article)
Stephen Maryka gave us an article about the Asynchronous Web and posed a number of questions that get examined like an approach to delivering Asynchronous Web capabilities through extensions to existing Java EE technologies.
(July 14, Article)
JavaServer Faces Flex goal is to provide users capability in creating standard Flex components, part of flexSDK which is open sourced through MPL license, as normal JSF components. This article by Ji Hoon Kim will provide an overview of creating a simple multilingual JSF page consisting of JSF Flex tags.
(June 29, Article)
In this session Jeff explores the key characteristics of successful SOA projects. He covers some of the patterns, and anti-patterns, tool sets, and strategies that he himself learned the hard way. Last, he provides a strategy and blueprint for achieving a high likelihood of success in your SOA project.
(June 23, Tech Talk)
Ari Zilka, CTO of Terracotta, Inc., talks about the new features in Terracotta 3.1, announced during JavaOne and available now.
(June 15, Tech Talk)
In this Tech Talk, Josh Long explores an integration challenge using Spring Integration and walks through the implementation, employing and expanding on the basic patterns of Enterprise Application Integration to tie together components into a function integration solution, and then demonstrates how Spring Integration helps address the integration requirements.
(June 15, Tech Talk)
In this Tech Talk, David Geary teaches you: The basics of Google Web Toolkit; How to implement Ajax-enabled applications in Java; Internationalization; Hooking into the browser history mechanism; Remote procedure calls.
(June 4, Tech Talk)
Jon Kern discusses the best architecture/technical solutions and ensure that they are repeated by all developers. By tackling the architecture up-front in a serial manner, subsequent parallel development will be much more manageable and predictable.
(May 28, Tech Talk)
This keynote describes the frustrations of modern knowledge workers in their quest to actually get some work done, and solutions for how to guard yourself against all those distractions. Neal Ford talks about environments, coding, acceleration, automation, and avoiding repetition as ways to defeat the misguided attempts to sap your ability to produce good work.
(May 26, Tech Talk)
Gil demonstrates how new, aggressive uses of already abundant compute capacity by common applications offer competitive value for application designers.
(May 21, Tech Talk)
Chris Keene introduces WaveMaker as a new way to automate the ability to generate Hibernate classes in order to more quickly bring OR mapping into an application.
(May 19, Article)
Download the entire book of Jakarta-Struts Live and learn about Struts MVC, Tiles, the Validator, DynaActionForms, plug-ins, internationalization, and more.
(Book PDF Download)
The Application Server Matrix is a detailed listing of J2EE vendors and their application server products, with information on latest version numbers, J2EE spec support and licensing, pricing, platform support, and links to product downloads and reviews.
(Application Server Comparison Matrix)
|
|
