Advanced Security Programming in Java SE Authentication, Secure Communication and Single Sign-On
Java SE offers a rich set of APIs and features for developing secure Java applications and services. The exercise sessions listed here can help you to use the Java SE GSS APIs to build applications that authenticate their users, to communicate securely with other applications and services, and help you to configure your applications in a Kerberos environment to achieve Single Sign-On. In addition, you will also learn how to use stronger encryption algorithms in a Kerberos environment, and how to use Java GSS mechanisms such as SPNEGO to secure the association.
Setting up your Development Environment
Set up your development environment as follows before proceeding to the first exercise:
- Configure a Kerberos server with accounts used by the exercises. See Appendix A: Setting up Kerberos Accounts.
- Set up the Key Distribution Center (KDC) and and start the Kerberos server.
- Set up the Kerberos configuration on your client computer.
- Set up the JDK environment:
-
Set up the
JAVA_HOME
environment variable to point to the JDK installation directory -
Place
%JAVA_HOME%\bin
(Windows) or$JAVA_HOME/bin
(Linux or macOS) in thePATH
environment variable.
-
Exercises
This session includes six lessons. Each part contains one or more coding exercises. Work through the exercises in sequence:
- Part I : Secure Authentication using the Java Authentication and Authorization Service (JAAS)
- Part II : Secure Communications using the Java SE Security API
- Part III : Deploying for Single Sign-On in a Kerberos Environment
- Part IV : Secure Communications Using Stronger Encryption Algorithms
- Part V : Secure Authentication Using SPNEGO Java GSS Mechanism
- Part VI: HTTP/SPNEGO Authentication