|Issue||Cause Java Auth API sample code to authenticate consistently when "Requires Name Lock" enabled|
With "Requires Name Lock" disabled, the SecurID Java Authentication SDK sample code authenticates successfully.
With "Requires Name Lock" enabled, authentications may now fail with "ACCESS DENIED, name lock required" logged at the Authentication Manager.
|Cause||The sample code as written collects the username to be authenticated from the command line and immediately sends a name lock to the Authentication Manager. |
The sample code then prompts for a passcode and sends it to the Auth Manager once entered by the user.
If > 30 seconds have elapsed since the name lock was accepted by the Authentication Manager the name lock will have expired and the ACCESS DENIED error message above will be seen in the Auth Manager activity log.
|Resolution||Modify the sample code to send the name lock after all user credentials have been gathered:|
session = api.createUserSession();
int authStatus = AuthSession.ACCESS_DENIED;
for (int i = 0; i < 3 && authStatus != AuthSession.ACCESS_OK; i++)
//don?t do the lock yet
|Legacy Article ID||a38401|