In the example, the following are required security behaviors for the applet:
The debit
method is authorized only if it is sent through a secure channel that ensures at least the integrity of input data, and if the cardholder is successfully authenticated.
The credit
method is authorized only if it is sent through a secure channel that ensures at least the integrity of input data, and if the application issuer is successfully authenticated.
The getBalance
method is authorized only if the cardholder or the application issuer is successfully authenticated.
The SecurityService
provides methods and constants that allow the implementation to perform such checks. For instance, following is the code for the checks on the debit
method:
if ((!security .isCommandSecure(SecurityService.PROPERTY_INPUT_INTEGRITY)) || (!security .isAuthenticated(SecurityService.ID_CARDHOLDER))) UserException.throwIt(REQUEST_FAILED);
If one of the two conditions is not satisfied, the remote object throws an exception. This exception is caught by the dispatcher and forwarded to the client.