Oracle9i Lite Administration Guide
Release 5.0.1 Part No. A95260-01
This appendix discusses how to use external authentication.
When a mobile user logs into the Mobile Server, the password entered by the user is compared to the user's password in the Mobile Server Repository. If the passwords match, the user is considered authenticated and is allowed access to the Mobile Server.
Instead of using the repository to store passwords, the Mobile Server can verify the user's password with an external authenticator. When a user logs in to the Mobile Server, it passes the username and password to the external authenticator for verification. When verification is successful, the user is allowed access to Mobile Server.
You can configure the Mobile Server to use multiple external authenticators. The Mobile Server calls the authenticators in the order specified. As soon as one of these external authenticators successfully verifies the username/password combination, the user is considered authenticated and is allowed access to the Mobile Server. The other external authenticators are not called. When no external authenticator successfully verifies the username/password combination, the user is denied access to Mobile Server.
In order to use external authentication, you must do the following:
1. Build an external authenticator as a Java class. This class must implement the Java interface oracle.lite.web.spi.ExternalAuthenticator.
2. In the Mobile Server Control Center, create a mobile user, but do not create a password for this user. The Mobile Server only uses external authentication for users without a specified password in the Mobile Server Repository.
3. Configure the Mobile Server to use external authentication. The names of the authenticator classes must be specified in the [EXTERNAL_AUTHENTICATION] section in the configuration file, webtogo.ora, for the Mobile Server. For example, adding the following entries to the [EXTERNAL_AUTHENTICATION] section of the configuration file instructs the Mobile Server to load the specified authenticator classes during startup.
CLASS=class1,class2,class3
Note: The classes must exist in the system class path.
For example, the following code sample implements the interface oracle.lite.web.spi.ExternalAuthenticator against an LDAP server, such as Oracle Internet Directory Server.
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.Rdn;   // Java 5 and later
import java.util.*;

public class AuthenticateJNDIUser implements oracle.lite.web.spi.ExternalAuthenticator
{
    public AuthenticateJNDIUser() { super(); }

    public void init() { System.out.println("Into init"); }

    // Returns "Valid User" when the LDAP bind succeeds, null when it fails.
    public Object authenticateUser(String uname, String pass)
    {
        // Refuse empty credentials: JNDI turns a simple bind with an empty
        // password into an anonymous bind, which the directory may accept.
        if (uname == null || uname.length() == 0 || pass == null || pass.length() == 0) {
            return null;
        }
        DirContext ctx = null;
        try {
            System.out.println("Into AuthUser");
            Hashtable env = new Hashtable();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            // Log the user name only; the password must never be written to the log.
            System.out.println("Into AuthUser1 uname " + uname);
            String ATTRS[] = {"cn", "mail"};
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            // Escape the user name so it cannot change the structure of the bind DN.
            env.put(Context.SECURITY_PRINCIPAL,
                    "uid=" + Rdn.escapeValue(uname) + ", ou=People,o=us.oracle.com");
            env.put(Context.SECURITY_CREDENTIALS, pass);
            // A simple bind over ldap:// sends the password in clear text;
            // use ldaps:// or StartTLS where the directory supports it.
            env.put(Context.PROVIDER_URL, "ldap://ssinghan-pc2.us.oracle.com:389");
            System.out.println("Into AuthUser1");
            // The bind happens here; a NamingException means the credentials were rejected.
            ctx = new InitialDirContext(env);
            System.out.println("Got InitialDirContext Successfully");
            SearchControls constraints = new SearchControls();
            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // Pass the user name as a filter argument so JNDI escapes it.
            NamingEnumeration results =
                ctx.search("o=us.oracle.com", "uid={0}", new Object[] { uname }, constraints);
            if (results == null) {
                System.out.println("Null returned");
                return null;
            }
            while (results != null && results.hasMore()) {
                SearchResult sr = (SearchResult) results.next();
                String dn = sr.getName() + ", o=us.oracle.com";
                System.out.println("Name" + dn);
                Attributes ar = ctx.getAttributes(dn, ATTRS);
                if (ar != null) {
                    for (int i = 0; i <= ATTRS.length - 1; ++i) {
                        System.out.println(ATTRS[i] + " : " + ar.get(ATTRS[i]));
                    }
                }
            }
            return ((Object) ("Valid User"));
        } catch (javax.naming.NamingException ne) {
            System.err.println("NamingException : " + ne.getMessage());
            System.err.println("getRootCause" + ne.getRootCause());
            System.err.println("getExplanation" + ne.getExplanation());
            ne.printStackTrace();
            return null;
        } finally {
            // Release the LDAP connection whether or not the bind succeeded.
            if (ctx != null) {
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }

    public void logOff(String uname) { System.out.println("Into logOff : " + uname); }

    public void destroy() { System.out.println("Into destroy123"); }
}
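Two input checks matter for an LDAP authenticator like this one: the user name must stay a single value inside the bind DN uid=<user name>,ou=People,o=us.oracle.com, and an empty password must never reach the simple bind. The following class is an added example, not part of the Oracle guide; it runs offline, and the class name BindInputCheck, its method names and the two sample user names are constructed for illustration (javax.naming.ldap requires Java 5 or later).

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

// Added example (not Oracle's code). Runs offline; no directory is contacted.
public class BindInputCheck {
    // Suffix under which the sample's users live.
    static final String PEOPLE_BASE = "ou=People,o=us.oracle.com";

    // An empty password must never reach a simple bind: JNDI downgrades it
    // to an anonymous bind, which a directory may accept.
    static boolean credentialsUsable(String uname, String pass) {
        return uname != null && uname.trim().length() > 0
            && pass != null && pass.length() > 0;
    }

    // DN built by plain concatenation: the user name goes in unescaped.
    static String naiveDn(String uname) {
        return "uid=" + uname + "," + PEOPLE_BASE;
    }

    // DN with the user name escaped (RFC 2253) so it stays a single RDN value.
    static String escapedDn(String uname) {
        return "uid=" + Rdn.escapeValue(uname) + "," + PEOPLE_BASE;
    }

    // True only when dn is exactly uid=<uname> directly under PEOPLE_BASE.
    static boolean staysUnderPeople(String dn, String uname) throws InvalidNameException {
        LdapName name = new LdapName(dn);
        LdapName base = new LdapName(PEOPLE_BASE);
        Rdn leaf = name.getRdn(name.size() - 1);   // left-most RDN
        return name.size() == base.size() + 1
            && name.startsWith(base)
            && leaf.getType().equalsIgnoreCase("uid")
            && uname.equals(leaf.getValue());
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed inputs: an ordinary name and one with DN metacharacters.
        String[] samples = { "jsmith", "jsmith,ou=Service" };
        for (String u : samples) {
            System.out.println(u + ": naive=" + staysUnderPeople(naiveDn(u), u)
                + " escaped=" + staysUnderPeople(escapedDn(u), u));
        }
        System.out.println("empty password usable: " + credentialsUsable("jsmith", ""));
    }
}
```

In an authenticator, call credentialsUsable first and return null when it fails, then build the bind principal with escapedDn.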
Copyright © 2002 Oracle Corporation. All rights reserved.