Summary |
Admin |
Home Page |
Forums |
Tracker |
Bugs |
Support |
Patches |
RFE |
Lists |
Tasks |
Docs |
News |
CVS |
Files |
Overview
JPAM is a Java-PAM bridge. PAM, or Pluggable Authentication
Modules, is a standard security architecture used on Unix, Linux and
Mac OS X systems.
JPAM permits the use of PAM authentication facilities by Java
applications running on those platforms.
These facilities include:
- account
- auth
- password
- session
News Highlights
- 17 November 2004.
jpam 0.3 released. Source and binaries for Linux x86, Linux x86_64
and Mac OS X. With this release JPAM is ready for developer use.
- 17 August 2004. jpam project commenced. See cvs for a 0.1 alpha
release
which supports Linux
Downloads
Download
here.
Documentation
The following documentation is available:
Uses
Jpam provides the integration with PAM. Any Java application that
needs to do authentication can potentially use jpam.
Commonly Java application authenticate using one of the following
approaches and APIs:
- Database username and password tables; JDBC
- LDAP, such as Novell NDS, open LDAP or Active Directory; JNDI
However, there are many more approaches than these two. There are
hundreds of authentication systems accessible through PAM. See a list
fo Linux
here.
Many of these are installed by default in the Linux distributions.
Fedora Core 2 has 54 PAM modules in its /lib/security directory ready
for use. Some notable examples of PAM modules are:
Name
|
Module
|
Use
|
SecurId
|
pam_securid.so
|
Authenticates SecurId hardware
tokens with the RSAACE Server. Available from RSA as a free
download. These have been tested with JPAM
|
Unix
|
pam_unix_*.so |
Authenticates using configured
Unix scheme. This can be shadow passwords or NIS, depending on how the
machine was configured. Tested with JPAM.
|
RADIUS
|
pam_radius.so |
Authenticates using RADIUS
servers. Tested with JPAM.
|
CryptoCard
|
pam_smxs.so
|
Authenticates using CryptoCard
RB1 hardware tokens and similar
|
Samba
|
pam_winbind.so
|
Authenticates using Windows and
Samba servers.
|
Kerberos
|
pam_krb5.so
|
Authenticates with
Kerberos/Active Directory
|
LDAP
|
pam_ldap.so
|
Authenticates with LDAP servers
(from Java you could also use the JNDI API)
|
SafeWord
|
pam_safeword.so
|
Authenticates SafeWord tokens
|
DigiPass
|
pam_radius.so
|
DigiPass uses the Free Radius
PAM module to authenticate DigiPass hardware tokens. DigiPass is from
Vasco. These have been tested with JPAM.
|
JPAM