Bug ID: JDK-4850423 login facilities for hardware tokens

Details
Type: Enhancement
Submit Date: 2003-04-17
Status: Resolved
Updated Date: 2003-08-17
Project Name: JDK
Resolved Date: 2003-08-17
Component: security-libs
OS: solaris_7
Sub-Component: java.security
CPU: generic
Priority: P3
Resolution: Fixed
Affected Versions: 5.0
Fixed Versions: 5.0 (tiger)

Description
This is one of the parts for 4635083
(Enhanced security token integration),
which is a Target of Opportunity for Tiger.

Some hardware token providers (for example, a smartcard provider)
may require a login operation into the token using a password
or other means of authentication before certain operations
can be performed.

Currently there is no standard API to directly log into a token.
A new abstract subclass of java.security.Provider
should be added. It should define methods for retrieving
a javax.security.auth.login.LoginContext that may
be used to directly log into and out from a token.

Although applications should be able to directly log into a token,
providers should also be able to detect whether a login
has not yet occurred, and if necessary,
attempt to log users in themselves
(internally using their own LoginContext).

Since there is no well-defined, standard, auto logout mechanism,
applications will still have to directly
invoke the API to perform a logout.

A new class javax.security.auth.PasswordCredential should
also be introduced. Login modules may place this as a
private credential in a subject once authentication
to a token has successfully completed. This will
facilitate single sign-on solutions. The PasswordCredential
should be generic so it can be used with any
password-based authentication mechanism.

                                    

Comments
SUGGESTED FIX

Add a new abstract subclass to java.security.Provider, named java.security.LoginProvider. This new provider class defines methods for retrieving a LoginContext that may be used to log into or out from a token.

                                     
2004-06-11
EVALUATION

will fix
                                     
2004-06-11
CONVERTED DATA

BugTraq+ Release Management Values

COMMIT TO FIX: tiger
FIXED IN: tiger
INTEGRATED IN: tiger, tiger-b16


                                     
2004-06-14
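
An added sketch, not code from this report or from the JDK: the behaviours the description asks for (direct login, provider-initiated login when none has occurred, explicit logout) shown with java.security.AuthProvider, a class present in the JDK since 5.0 and used here in place of the proposed LoginProvider/LoginContext design. ToyTokenProvider, its sign method and the PIN are hypothetical and constructed for illustration.

```java
import java.security.AuthProvider;
import java.util.Arrays;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;

public class TokenLoginDemo {
    // Hypothetical in-memory "token"; a real provider would talk to the device.
    static class ToyTokenProvider extends AuthProvider {
        private static final char[] PIN = "1234".toCharArray(); // constructed sample PIN
        private CallbackHandler handler;
        private boolean loggedIn;

        ToyTokenProvider() { super("ToyToken", 1.0, "demo token provider"); }

        @Override public void setCallbackHandler(CallbackHandler h) { handler = h; }

        @Override public void login(Subject subject, CallbackHandler h) throws LoginException {
            CallbackHandler use = (h != null) ? h : handler;
            if (use == null) throw new LoginException("no CallbackHandler available");
            PasswordCallback pc = new PasswordCallback("Token PIN: ", false);
            try { use.handle(new Callback[] { pc }); }
            catch (Exception e) { throw new LoginException(e.toString()); }
            char[] pin = pc.getPassword();      // copy of the entered PIN
            pc.clearPassword();                 // wipe the callback's own copy
            boolean ok = pin != null && Arrays.equals(pin, PIN);
            if (pin != null) Arrays.fill(pin, '\0');
            if (!ok) throw new FailedLoginException("PIN rejected");
            loggedIn = true;
        }

        @Override public void logout() { loggedIn = false; }

        // Protected operation: the provider logs the user in itself if needed.
        byte[] sign(byte[] data) throws LoginException {
            if (!loggedIn) login(null, null);
            return data.clone(); // placeholder for a real token operation
        }
    }

    public static void main(String[] args) throws Exception {
        ToyTokenProvider p = new ToyTokenProvider();
        p.setCallbackHandler(cbs -> ((PasswordCallback) cbs[0]).setPassword("1234".toCharArray()));
        p.sign(new byte[] {1});         // no prior login: provider logs in on its own
        p.logout();                     // no auto-logout, so the application calls it
        p.login(new Subject(), null);   // direct login by the application
        p.logout();
    }
}
```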