Advanced Security Programming in Java SE Authentication, Secure Communication and Single Sign-On
Java SE offers a rich set of APIs and features for developing secure Java applications and services. The exercise sessions listed here can help you to use the Java SE GSS APIs to build applications that authenticate their users, to communicate securely with other applications and services, and help you to configure your applications in a Kerberos environment to achieve Single Sign-On. In addition, you will also learn how to use stronger encryption algorithms in a Kerberos environment, and how to use Java GSS mechanisms such as SPNEGO to secure the association.
Setting up your Development Environment
Set up your development environment as follows before proceeding to the first exercise:
- Install and set up a Solaris machine (required for Exercise 7: Configuring to Use Stronger Encryption Algorithms in a Kerberos Environment, to Secure the Communication).
- Configure a Kerberos server on a Solaris machine with accounts used by the exercises. See Appendix A: Setting up Kerberos Accounts.
- Set up the Key Distribution Center (KDC) on your Solaris machine and start the Kerberos server.
- Set up the Kerberos configuration on your client machine.
- Set up the JDK environment:
-
Set up the
JAVA_HOMEenvironment variable to point to the JDK installation directory -
Place
%JAVA_HOME%\bin(Windows) or$JAVA_HOME/bin(Solaris/Linux) in thePATHenvironment variable.
-
Exercises
This session includes six lessons. Each part contains one or more coding exercises. Work through the exercises in sequence:
- Part I : Secure Authentication using the Java Authentication and Authorization Service (JAAS)
- Part II : Secure Communications using the Java SE Security API
- Part III : Deploying for Single Sign-On in a Kerberos Environment
- Part IV : Secure Communications Using Stronger Encryption Algorithms
- Part V : Secure Authentication Using SPNEGO Java GSS Mechanism
- Part VI: HTTP/SPNEGO Authentication