Establishing Login Credentials (Sun Java System Mobile Enterprise Platform 1.0 Developer's Guide for Client Applications)

Sun Java System Mobile Enterprise Platform 1.0 Developer's Guide for Client Applications

Establishing Login Credentials

To provide application-level authentication, a secure client application must use the security manager to create login credentials for the user. The MIDlet code provides an initial login screen that requires the user to create both a secret and a Personal Identification Number (PIN). Users do not need to remember the secret, but they must remember the PIN.

The MIDlet code calls the security manager's computeKey and setKey methods to create a key from the PIN entered by the user. It then calls the security manager's storeCredentials method to create credentials based on the secret.

byte[] key = securityMgr.computeKey(getInitialPinField().getString());
securityMgr.setKey(key);
securityMgr.storeCredentials(getSecretField().getString());

The getInitialPinField and getSecretField methods are UI methods that obtain the needed string values.

The secret and PIN provide security in addition to the username and password credentials required by the Gateway Engine in order to perform synchronization (as described in Setting User Credentials).