ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General Discussion » Mobile apps and telemetry security design

Post new topic  Reply to topic
 Mobile apps and telemetry security design « View previous topic :: View next topic » 
Author Message
pintrader
PostPosted: Tue Jul 15, 2014 5:04 am    Post subject: Mobile apps and telemetry security design Reply with quote

Disciple

Joined: 22 Jan 2014
Posts: 164
hi
need some advice on my mobile app design.

Say I have users using mobile app which will login to my Windows domain using an id and password. I am using telemetry for this mobile app. ie Users are going to publish/subscribe using telemetry.

I also want the users to be authenticated using Kerberos. My app will probably use some Java api such as javax.security.auth.Subject to get the kerberos ticket from the currently logged on user. Then this ticket will somehow need to end up at my MQ server which is running the MQTT channel service and get authentiated through JAAS login module.

MQTT channels support the JAAS login module. Hence I will need to create a custom authentication module because the IBM class called com.ibm.security.auth.module.Krb5LoginModule need to be supplied with a useCcache = file:///somewhere/krb5cc_[username] parameter.

How can I pass the ticket from the mobile app (client) side to my MQ server? I am thinking of passing the ticket into the setPassWord() method of the MQTTConnectOptions class. And then my custom authentication module with get this "password" and write it to a physical credential file. The path of the credential file will be supplied to com.ibm.security.auth.module.Krb5LoginModule.

Is there a better or seamless way than this to authenticate mobile users using Kerberos?

thanks
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General Discussion » Mobile apps and telemetry security design
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.