E
estadtherr
I have a Java application that requires a user to log in, at which time
the user is authenticated using the standard JAAS LoginContext. This
initial application needs to start a set of child processes (using
Runtime.exec()). These child processes need to inherit the user-based
credentials of the initial application, but I don't want the user to
have to type their username and password for every child process. Is
there a secure way for the child processes to inherit the
authentication results from the parent process? I've thought about
command line arguments and environment variables, but they all open the
child processes up to spoofing the credentials. Has anyone else solved
this issue?
Thanks!
-Eric
the user is authenticated using the standard JAAS LoginContext. This
initial application needs to start a set of child processes (using
Runtime.exec()). These child processes need to inherit the user-based
credentials of the initial application, but I don't want the user to
have to type their username and password for every child process. Is
there a secure way for the child processes to inherit the
authentication results from the parent process? I've thought about
command line arguments and environment variables, but they all open the
child processes up to spoofing the credentials. Has anyone else solved
this issue?
Thanks!
-Eric