Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Achieve authentication using public keys

authentication

  • Please log in to reply
3 replies to this topic

#1 toto_7

toto_7

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 244 posts

Posted 19 March 2012 - 06:05 AM

Hello,

I would like to ask how I can achieve an authentication for user to the server in Java, using user's username.

Thanks in advance,
toto_7
  • 0

"Programming is like **. One mistake and you have to support it for the rest of your life."

-Michael Sinz

#2 wim DC

wim DC

    Roar

  • Expert Member
  • PipPipPipPipPipPipPipPip
  • 2681 posts
  • Programming Language:Java, JavaScript, PL/SQL
  • Learning:Python

Posted 19 March 2012 - 06:41 AM

Simple:
  • html form sends username and password to the server.
  • Server checks if they are correct
  • If yes: put something in the session.
You can access the session by doing request.getSession() or something close to that.
  • 0

#3 toto_7

toto_7

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 244 posts

Posted 19 March 2012 - 06:53 AM

wim DC thanks for quick response. I think your answer is not what I'm looking for and that's my fault. My project is based on Java RMI so now I'm trying to implement a kind of security between server and clients. So I'm generating a pair of keys for each and now I'm looking a way to confirm that this client is who
  • 0

"Programming is like **. One mistake and you have to support it for the rest of your life."

-Michael Sinz

#4 wim DC

wim DC

    Roar

  • Expert Member
  • PipPipPipPipPipPipPipPip
  • 2681 posts
  • Programming Language:Java, JavaScript, PL/SQL
  • Learning:Python

Posted 19 March 2012 - 07:04 AM

Well, I would start by using these:
SslRMIServerSocketFactory (Java 2 Platform SE 5.0)
&
SslRMIClientSocketFactory (Java 2 Platform SE 5.0)
So then at least the client / server communication is already secured.

And then either make a login object that returns a token (a random string) when the client logs in. Then this token has to be sent for every next call to the server so it can check that token. (or you can send username/ password for every method call)
... I guess. Can't be sure I'm not really into the RMI stuff.
  • 0





Also tagged with one or more of these keywords: authentication

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download