Overview
The security system has the concept of pluggable authenticators. For instance, you may keep your user information in the database, but you want to authenticate against NT. Or you keep your passwords in the database, but you have different encryptions schemes. Via the component config file you can specify what authenticator to use.
NoOpAuthenticator
Always returns true, regardless of what is passed in.
TextMatchAuthenticator
Does a plain text match of the passwords. Case does matter.
NTAuthenticator
Attempts to authenticate the user against an NT domain. The username must look like CVILLE\epugh. You will need to configure your system to use the tagish library.
http://www.mooreds.com/jaas.html
http://free.tagish.net/jaas/doc.html
http://www.raibledesigns.com/page/rd/20030217
This application uses a small DLL to provide security. Put the NTSecurity.dll in your JAVA_HOME/jre/bin directory.
This provides the JNI interface to NT used by JAAS.
Then put the tagish.login fil in the ${java.home}/jre/lib/security/ directory. This tells the Tagish
code what classes to load for security.
Lastly, you must edit the ${java.home}/jre/lib/security/java.security file and add this line:
login.config.url.1=file:${java.home}/lib/security/tagish.login
CryptoAuthenticator
Uses the fulcrum crypto service to check the password against the encrypted one. You can specify the algorithm and cipher to use.
Using the combined format looks like this:
<component
role="org.apache.fulcrum.security.authenticator.Authenticator"
class="org.apache.fulcrum.security.authenticator.CryptoAuthenticator">
<algorithm>java</algorithm>
<cipher>SHA1</cipher>
</component>
<component
role="org.apache.fulcrum.crypto.CryptoService"
class="org.apache.fulcrum.crypto.DefaultCryptoService">
<algorithm>
<unix>org.apache.fulcrum.crypto.provider.UnixCrypt</unix>
<clear>org.apache.fulcrum.crypto.provider.ClearCrypt</clear>
<java>org.apache.fulcrum.crypto.provider.JavaCrypt</java>
<oldjava>org.apache.fulcrum.crypto.provider.OldJavaCrypt</oldjava>
</algorithm>
</component>