Making Java and Windows Play Nice

Leveraging Kerberos for Java Applications

New authentication software—Java Crypto and Security Implementation (JCSI) Single Sign-On—gives users a single sign-on for Java applications in a various environments, including Windows. The product, from Wedgetail Communications Pty Ltd., of Brisbane, Australia, is available now.

Leveraging Kerberos for Java applications support built into Windows, MacOS, Solaris, and Linux, Wedgetail's JSCI Single Sign-on integrates Microsoft and Java security technology and addresses identity management and access control issues for Java application servers.

Early users such as Urs Schimming, a technology project leader for Swiss Post, say that the J2EE software is helping them integrate “WebLogic with Windows 2000 Active Directory” software, helping the organization solve “key integration issues.”

JCSI Single Sign-On integrates Microsoft and Java security technology and addresses identity management and access control issues for Java application servers. The technology is elegant in that it uses built-in Kerberos support in Microsoft Windows, MacOS 10.2, and many Solaris and Linux environments. Available clients include Internet Explorer, .NET applications, Java client applications and other browsers.

One of the most obvious benefits of this approach is that the Java Kerberos technology Wedgetail’s products use is more secure than cookie-based mechanisms—often the method organizations use for handling single-sign-on in a Web-based environment. With Kerberos, IT administrators can create a single-sign-on environment for many existing services. The software package also includes a mapping service to help support single-sign-on in legacy applications that don’t support Kerberos. The product also supports remote login access with Windows 2000, and smart card use.

Good identity management depends upon strong security, including authorization and authentication. It’s a crucial prerequisite for many cross-organization initiatives, such as business-to-business commerce and supply chain management. It also makes working with legacy applications easier for end users, since they need to log on less.

Well-deployed identity management can save companies money, says analyst Daniel Blum of the Burton Group, an IT research and advisory service in Midvale, Utah. “Do identity well, and your company can reduce overall administrative costs, improve security, enhance quality, and increase productivity. Do it poorly and your company could be damaged severely.”

Gary Morgan, president and CEO of Wedgetail, says the JCSI software will especially help “organizations looking to reduce the cost of compliance with legal and policy requirements.” That’s because companies can now release J2EE applications in Windows and link up to Active Directory to provide needed security information, meaning Active Directory could potentially help secure access to all enterprise applications, even Java ones. The company says this is the first in a range of security technology products to better integrate Microsoft and Java, especially vis-à-vis identity management and access control issues for Java application servers.

For more information, visit http://www.wedgetail.com/.

About the Author

Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.