PicketBox is a Java Security Framework that build on top of JAAS, provides a schema formatted Security Configuration file(security-config_5_0.xsd) and various of LoginModule Implementation(UsersRolesLoginModule, LdapExtLoginModule, DatabaseServerLoginModule, etc) to security Java Application. The following are 5 key steps to execute a authentication:
//1. establish the JAAS Configuration with picketbox authentication xml file
SecurityFactory.prepare();
//2. load picketbox authentication xml file
PicketBoxConfiguration config = new PicketBoxConfiguration();
config.load(SampleMain.class.getClassLoader().getResourceAsStream("picketbox/authentication.conf"));
//3. get AuthenticationManager
AuthenticationManager authManager = SecurityFactory.getAuthenticationManager(securityDomain);
//4. execute authentication
authManager.isValid(userPrincipal, credString, subject);
//5. release resource
SecurityFactory.release();
Teiid Embedded expose 2 methods for security authentication:
EmbeddedSecurityHelper is a sample implementation of SecurityHelper, authentication.conf is a sample Security Configuration file.