Integrate Java web service with Unix security
Question
I am hosting a Java web service on a AIX unix box using JBoss.
Some of the web methods browse the unix file structure (IE GetDirectoryFiles returns all files for the directory path passed in).
I want to integrate this with the unix security so that the caller would pass in a username/password at the session level and they would be limited to what files/directories they have access to based on that username/password integrated with the server users.
For instance, if the server has a user with their home directory set to /home/me and are unable to browse out of their home directory, the web service would only allow the same with regards to the method calls. They could call '/home/me/dir' but not '/home/notme/dir' (would throw an access denied exception).
How would I go about doing this?
1 answers
solution1
0 ACCPTED 2010-07-20 15:18:45
The issue you are going to have is that the JBoss process is already running as a specific user, and therefore anything done by a thread within that process will run under that user's permissions.
The simplest approach, I believe, would be to launch a new process as a different user to complete the unix part of each of your web methods, using Runtime.getRuntime().exec(...) - see this question
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.