Summary
The open-source jGuard project aims to bring standard Java authentication (JAAS) into the realm of Web applications. jGuard helps perform user authentication and controls resource access within a Web app. The latest release features captcha support, CRUD user management, multiple authentication schemes, and easier user database migration.
Java's standard authentication and access control framework (JAAS) extends Java security to authenticated users: It helps perform user authentication, and then controls resource access based on authenticated users.
While JAAS at first seems tailor-made for Web application security needs, the standard unit of JAAS resource access is a Java object, not a Web application resource denoted by a URL. The open-source jGuard project builds on top of JAAS and turns it into an effective Web application authentication and authorization tool. jGuard helps with the following tasks:
Configure access control of a web application. Resource access is specified with URL patterns.
Authenticate users.
Deny access to a URL to unauthorized users.
Log off the user.
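To make the distinction above concrete, here is an added Java example (not jGuard's code and not its API) that does the two JAAS steps the article describes in plain JAAS: a LoginModule authenticates a user and attaches a role Principal to the Subject, and a small policy then decides access at Web-resource granularity by matching the request path against servlet-style URL patterns instead of against a Java object. The user store, the passwords, the role names and the URL patterns are all constructed for the demo; the Configuration is built in code so that no login.config file is needed.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class UrlJaasDemo {

    /** Role carried in the Subject after a successful login. */
    public static final class RolePrincipal implements Principal {
        private final String name;
        public RolePrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    /** Constructed demo user store: username -> { SHA-256 of password, role }.
     *  A production store would use a salted, slow password hash; SHA-256 only keeps the demo short. */
    static final Map<String, Object[]> USERS = new LinkedHashMap<>();
    static {
        USERS.put("alice", new Object[] { sha256("alice-secret".toCharArray()), "admin" });
        USERS.put("bob",   new Object[] { sha256("bob-secret".toCharArray()),   "user"  });
    }

    static byte[] sha256(char[] password) {
        try {
            byte[] bytes = new String(password).getBytes(StandardCharsets.UTF_8);
            return MessageDigest.getInstance("SHA-256").digest(bytes);
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }

    /** Minimal JAAS LoginModule: verifies the password in login(), attaches the role in commit(). */
    public static class DemoLoginModule implements LoginModule {
        private Subject subject;
        private CallbackHandler handler;
        private String role;   // decided by login(), applied by commit(), cleared by abort()/logout()

        @Override public void initialize(Subject subject, CallbackHandler handler,
                                         Map<String, ?> sharedState, Map<String, ?> options) {
            this.subject = subject;
            this.handler = handler;
        }
        @Override public boolean login() throws LoginException {
            NameCallback nc = new NameCallback("user");
            PasswordCallback pc = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { nc, pc }); }
            catch (IOException | UnsupportedCallbackException e) { throw new LoginException(e.getMessage()); }
            Object[] rec = USERS.get(nc.getName());
            char[] pw = pc.getPassword();
            // MessageDigest.isEqual compares the two digests in constant time.
            boolean ok = rec != null && pw != null && MessageDigest.isEqual((byte[]) rec[0], sha256(pw));
            pc.clearPassword();
            if (!ok) throw new FailedLoginException("bad credentials");
            role = (String) rec[1];
            return true;
        }
        @Override public boolean commit() {
            if (role != null) subject.getPrincipals().add(new RolePrincipal(role));
            return role != null;
        }
        @Override public boolean abort() { role = null; return true; }
        @Override public boolean logout() {
            subject.getPrincipals().removeIf(p -> p instanceof RolePrincipal);
            role = null;
            return true;
        }
    }

    /** Programmatic JAAS Configuration: one REQUIRED module, so no login.config file is needed. */
    static final Configuration CONFIG = new Configuration() {
        @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            return new AppConfigurationEntry[] { new AppConfigurationEntry(
                DemoLoginModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                Collections.emptyMap()) };
        }
    };

    /** Constructed policy: servlet-style URL pattern -> role required. The longest matching pattern wins. */
    static final Map<String, String> URL_ROLES = new LinkedHashMap<>();
    static {
        URL_ROLES.put("/admin/*", "admin");
        URL_ROLES.put("/app/*",   "user");
    }

    /** Access check at Web-resource granularity; paths matched by no pattern are denied (default deny). */
    static boolean isAllowed(Subject subject, String path) {
        String required = null;
        int best = -1;
        for (Map.Entry<String, String> e : URL_ROLES.entrySet()) {
            String pattern = e.getKey();
            boolean match = pattern.endsWith("/*")
                ? path.startsWith(pattern.substring(0, pattern.length() - 1))   // "/admin/*" -> prefix "/admin/"
                : path.equals(pattern);
            if (match && pattern.length() > best) { best = pattern.length(); required = e.getValue(); }
        }
        if (required == null) return false;
        for (RolePrincipal p : subject.getPrincipals(RolePrincipal.class))
            if (p.getName().equals(required)) return true;
        return false;
    }

    /** Runs the JAAS login for one user; the returned context also serves to log the user off again. */
    static LoginContext login(String user, char[] password) throws LoginException {
        CallbackHandler handler = callbacks -> {
            for (Callback c : callbacks) {
                if (c instanceof NameCallback) ((NameCallback) c).setName(user);
                else if (c instanceof PasswordCallback) ((PasswordCallback) c).setPassword(password);
                else throw new UnsupportedCallbackException(c);
            }
        };
        LoginContext lc = new LoginContext("demo", new Subject(), handler, CONFIG);
        lc.login();   // calls login() then commit() on the module
        return lc;
    }

    public static void main(String[] args) throws LoginException {
        LoginContext bob = login("bob", "bob-secret".toCharArray());
        System.out.println("bob   /app/home    -> " + isAllowed(bob.getSubject(), "/app/home"));
        System.out.println("bob   /admin/users -> " + isAllowed(bob.getSubject(), "/admin/users"));
        System.out.println("bob   /secret      -> " + isAllowed(bob.getSubject(), "/secret"));
        bob.logout();   // removes the RolePrincipal, so every check now fails
        System.out.println("bob   /app/home after logout -> " + isAllowed(bob.getSubject(), "/app/home"));
        LoginContext alice = login("alice", "alice-secret".toCharArray());
        System.out.println("alice /admin/users -> " + isAllowed(alice.getSubject(), "/admin/users"));
        try { login("bob", "wrong".toCharArray()); }
        catch (LoginException e) { System.out.println("bob with wrong password -> " + e.getMessage()); }
    }
}
```

Compile and run with `javac UrlJaasDemo.java && java UrlJaasDemo`. The point to notice is where the URL enters: JAAS itself never sees the path; the LoginModule and Subject are standard JAAS, and the URL-pattern mapping in `isAllowed` is the layer a Web application has to supply on top, which is the gap the article says jGuard fills. The policy deliberately denies any path without a matching pattern rather than allowing it.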
This week, the jGuard project announced the release of their 0.8 version. According to jGuard developer Charles Gay, the 0.8 release focuses on API usability.
Gay pointed out that jGuard users often start out with an XML user and configuration database. "After succeeding with this operation, they choose to [switch to] a database backend. [In previous versions], it was painful to manually migrate data from XML to a user database... The new jGuard release adds the ability to automatically create required user and authentication tables... and import XML data into a database at startup," according to Gay.
"Another feature added in this release is the JCaptcha integration," adds Gay. "The growth of the Internet correlates, unfortunately, to the growth of annoying spam robots defacing web sites. To guard against that, jGuard [0.8] integrates the JCaptcha library that generates a captcha image to [help] determine if the user is human or not."
jGuard 0.8 also adds support for simultaneous use of multiple authentication schemes. "A web app is no longer limited to supporting only one authentication scheme, such as FORM, BASIC, or CLIENT-CERT. You can now mix FORM and CLIENT-CERT, or BASIC and CLIENT-CERT, [meaning that] both authentication schemes are accepted when a user authenticates," says Gay.
jGuard seems to fill an important gap in the enterprise Java arsenal by making JAAS web-application friendly.
How do you authenticate users to your Web app, and how do you control what resources a user can access?