JPam – a bridge between JAAS and Unix PAM security

I have just released JPam 1.0.
JPam is a Java-PAM bridge. PAM, or Pluggable Authentication Modules, is a standard security architecture used on Linux, Mac OS X, Solaris, HP-UX and other Unix systems. JPam is the missing link between the two.
JPAM permits the use of PAM authentication facilities by Java applications running on those platforms.
These facilities include:

  1. account
  2. auth
  3. password
  4. session

It features JAAS and direct APIs, support for most Unix OSs and architectures and much more…
JPam is available under an Apache open source license and is actively developed, maintained and supported.
You can use it in both JSDK and JEE environments. I use it in the Glassfish application server with a custom AuthModule to utilise Vasco hardware tokens for login.
See for more details.

Spnego for Glassfish – First working implementation achieved today

I am feeling a little excited right now.
Today we got an implementation of SPNEGO going for Glassfish. It will be refined over coming days, but it works. You can use Glassfish in a Kerberos Single Sign On environment. It works with Firefox, IE and Safari.
Some features/limitations at present:
* We use the new JMAC JSR196: Java Authentication Service Provider Interface for Containers. This means you need to use Glassfish V2 build 41 or later, which have working JMAC implementations.
* We rely on JGSS features found in Java 6. We hope to make some changes and support Java 5 as well.
* The current implementation has only a few dependencies on Glassfish. We hope to remove those to allow the Spnego module to work with any and all JMAC implementations.
* JMAC has limited interaction with JAAS. At the moment it is not possible to fall through to a JAAS module for authentication. Not sure if this is a problem or not in a SSO environment.
Over the next days and weeks I will be refining Spnego. It is likely that it will be included as a standard part of Glassfish V2 when it is released in August 2007.
See for the project.
Now would be a good time for anyone looking to port this code to another JMAC compliant app server to get involved.

Ehcache Talk at JavaOne 2007

Session ID: TS-6175
Session Title: Distributed Caching, Using the JCACHE API and ehcache, Including a Case Study on
Track: The Next Generation Web
Room: Esplanade 307-310
Date: 08-MAY-07
Start Time: 10:50