Get Java Auth API sample code to authenticate consistently with 'Requires Name Lock' enabled
3 years ago
Originally Published: 2008-01-16
Article Number
000057127
Issue
Cause Java Auth API sample code to authenticate consistently when "Requires Name Lock" enabled
With "Requires Name Lock" disabled, the SecurID Java Authentication SDK sample code authenticates successfully.
With "Requires Name Lock" enabled, authentications may now fail with "ACCESS DENIED, name lock required" logged at the Authentication Manager.
Cause
The sample code as written collects the username to be authenticated from the command line and immediately sends a name lock to the Authentication Manager. 
The sample code then prompts for a passcode and sends it to the Auth Manager once entered by the user. 
If > 30 seconds have elapsed since the name lock was accepted by the Authentication Manager the name lock will have expired and the ACCESS DENIED error message above will be seen in the Auth Manager activity log.
Resolution
Modify the sample code to send the name lock after all user credentials have been gathered:
 

 

  ...
private void auth() throws Exception

    {
        String userName;
        String passCode;
        AuthSession session;

        session = api.createUserSession();
        userName = io.input("Username: ");

        int authStatus = AuthSession.ACCESS_DENIED;

        for (int i = 0; i < 3 && authStatus != AuthSession.ACCESS_OK; i++)
        {

            //don?t do the lock yet
            //authStatus = session.lock(userName);
            passCode = io.input("Passcode: ");
            //have everything?now do name lock and send passcode
            authStatus = session.lock(userName);
            authStatus = session.check(userName, passCode);
            authStatus = finalizeAuth(authStatus, session);
            switch (authStatus)

  ?

Related Articles

Trending Articles

Don't see what you're looking for?