Oracle® Database Lite Administration and Deployment Guide
10g (10.0.0)
Part No. B12262-01

E External Authentication

This appendix describes how to use external authentication mechanisms. Topics include:

  - E.1 Using External Authentication
  - E.2 External Authentication Code Sample

E.1 Using External Authentication

When a mobile user logs into the Mobile Server, the password entered by the user is compared to the user's password in the Mobile Server Repository. If the passwords match, the user is considered authenticated and is allowed access to the Mobile Server.

With external authentication, instead of using the repository to store passwords, the Mobile Server verifies the user's password with an external authenticator. When a user logs in to the Mobile Server, it passes the user name and password to the external authenticator for verification. Upon successful verification, the user is allowed access to the Mobile Server.

You can configure the Mobile Server to use multiple external authenticators. The Mobile Server calls the authenticators in the order specified. As soon as one of these external authenticators successfully verifies the user name and password combination, the user is considered authenticated and is allowed access to the Mobile Server. The other external authenticators are not called. When no external authenticator successfully verifies the user name and password combination, the user is denied access to the Mobile Server.

To use external authentication, you must perform the following tasks:

  1. Build an external authenticator as a Java class. This class must implement the Java interface named oracle.lite.web.spi.ExternalAuthenticator.

  2. Using the Mobile Manager, create a mobile user, but do not create a password for this user. The Mobile Server only uses external authentication for users without a specified password in the Mobile Server Repository.

  3. Configure the Mobile Server to use external authentication. The names of the authenticator classes must be specified in the [EXTERNAL_AUTHENTICATION] section of webtogo.ora, the configuration file for the Mobile Server. For example, adding the following entry to the [EXTERNAL_AUTHENTICATION] section of webtogo.ora instructs the Mobile Server to load the specified authenticator classes during startup.

    CLASS=class1, class2, class3


Note:

You must include such classes in the system classpath.
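A pre-deployment check for step 3 and the classpath note, as an added example that is not part of the Oracle guide or product: it lists the authenticator classes in the order the Mobile Server would call them and reports any that cannot be loaded from the system classpath or that do not implement oracle.lite.web.spi.ExternalAuthenticator. The class name ExternalAuthConfigAudit, its methods and the sample file text are constructed for illustration, and the parser assumes the section and CLASS= layout shown above.

```java
import java.util.ArrayList;
import java.util.List;

// Added example (not Oracle code): audits the CLASS entry of [EXTERNAL_AUTHENTICATION].
public class ExternalAuthConfigAudit {
    static final String SPI = "oracle.lite.web.spi.ExternalAuthenticator";

    // Returns the class names from CLASS= inside the section, in call order.
    static List<String> authenticatorClasses(String oraText) {
        List<String> names = new ArrayList<>();
        boolean inSection = false;
        for (String raw : oraText.split("\\R")) {
            String line = raw.trim();
            if (line.startsWith("[")) {
                inSection = line.equals("[EXTERNAL_AUTHENTICATION]");
            } else if (inSection && line.startsWith("CLASS=")) {
                for (String n : line.substring("CLASS=".length()).split(",")) {
                    if (!n.trim().isEmpty()) names.add(n.trim());
                }
            }
        }
        return names;
    }

    // True if cls, one of its superclasses, or any super-interface is the SPI interface.
    static boolean implementsSpi(Class<?> cls) {
        if (cls == null) return false;
        if (cls.getName().equals(SPI)) return true;
        for (Class<?> i : cls.getInterfaces()) if (implementsSpi(i)) return true;
        return implementsSpi(cls.getSuperclass());
    }

    static String check(String name) {
        try {
            // initialize=false: inspect the class without running its static initializers.
            Class<?> c = Class.forName(name, false, ClassLoader.getSystemClassLoader());
            return implementsSpi(c) ? "OK" : "LOADED, but does not implement " + SPI;
        } catch (ClassNotFoundException | LinkageError e) {
            return "NOT loadable from the system classpath";
        }
    }

    public static void main(String[] args) {
        // Constructed sample text; in practice pass in the contents of the real webtogo.ora.
        String sample = "[SOME_OTHER_SECTION]\nCLASS=ignored.Elsewhere\n"
                      + "[EXTERNAL_AUTHENTICATION]\nCLASS=AuthenticateJNDIUser, java.lang.String\n";
        List<String> chain = authenticatorClasses(sample);
        for (int i = 0; i < chain.size(); i++) {
            System.out.println((i + 1) + ". " + chain.get(i) + " -> " + check(chain.get(i)));
        }
    }
}
```

Because the first authenticator that accepts a user name and password grants access, every class this check lists deserves review, not only the first one.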

The code sample that follows is an LDAP implementation, for a directory such as the Oracle Internet Directory Server, of the interface oracle.lite.web.spi.ExternalAuthenticator.

E.2 External Authentication Code Sample

The following code sample is an LDAP implementation of the interface oracle.lite.web.spi.ExternalAuthenticator for the Oracle Internet Directory Server.

Code Sample

    import java.util.Hashtable;
    import javax.naming.*;
    import javax.naming.directory.*;
    import javax.naming.ldap.Rdn;

    public class AuthenticateJNDIUser implements oracle.lite.web.spi.ExternalAuthenticator
    {
        public AuthenticateJNDIUser()
        {
            super();
        }

        // This method will be called when this class is initialized.
        public void init()
        {
            System.out.println("calling init");
        }

        // Returns a non-null object when the LDAP bind succeeds, null otherwise.
        public Object authenticateUser(String uname, String pass)
        {
            // A simple bind with an empty password is an unauthenticated (anonymous)
            // bind that the directory may accept, so it must never count as a login.
            if (uname == null || uname.length() == 0 || pass == null || pass.length() == 0)
            {
                return null;
            }
            DirContext ctx = null;
            try
            {
                Hashtable<String, String> env = new Hashtable<String, String>();
                env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
                String ATTRS[] = {"cn", "mail"};
                env.put(Context.SECURITY_AUTHENTICATION, "simple");
                // Escape the user name so it cannot alter the structure of the bind DN.
                env.put(Context.SECURITY_PRINCIPAL,
                    "uid=" + Rdn.escapeValue(uname) + ", ou=People,o=us.oracle.com");
                env.put(Context.SECURITY_CREDENTIALS, pass);
                // A simple bind over ldap:// sends the password in clear text.
                env.put(Context.PROVIDER_URL, "ldap://ssinghan-pc2.us.oracle.com:389");

                // The bind happens here; a NamingException means the login failed.
                ctx = new InitialDirContext(env);
                System.out.println("Got InitialDirContext Successfully");
                SearchControls constraints = new SearchControls();
                constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
                // Pass the user name as a filter argument so JNDI escapes it.
                NamingEnumeration<SearchResult> results =
                    ctx.search("o=us.oracle.com", "(uid={0})", new Object[] {uname}, constraints);
                if (results == null)
                {
                    System.out.println("Null returned");
                    return null;
                }
                while (results != null && results.hasMore())
                {
                    SearchResult sr = results.next();
                    String dn = sr.getName() + ", o=us.oracle.com";
                    System.out.println("Name" + dn);
                    Attributes ar = ctx.getAttributes(dn, ATTRS);
                    if (ar != null)
                    {
                        for (int i = 0; i <= ATTRS.length - 1; ++i)
                        {
                            System.out.println(ATTRS[i] + " : " + ar.get(ATTRS[i]));
                        }
                    }
                }
                return ((Object)("Valid User"));
            }
            catch (javax.naming.NamingException ne)
            {
                System.err.println("NamingException : " + ne.getMessage());
                System.err.println("getRootCause" + ne.getRootCause());
                System.err.println("getExplanation" + ne.getExplanation());
                ne.printStackTrace();
                return null;
            }
            finally
            {
                // Release the LDAP connection whether or not the login succeeded.
                if (ctx != null)
                {
                    try { ctx.close(); } catch (NamingException ignored) { }
                }
            }
        }

        public void logOff(String uname)
        {
            System.out.println("Into logOff : " + uname);
        }

        // This method will be called when this class is unloaded.
        public void destroy()
        {
            System.out.println("Into destroy1");
        }
    }