org.nst.pasientlink.authenticator
Class Utility

java.lang.Object
  |
  +--org.nst.pasientlink.authenticator.Utility

public class Utility
extends java.lang.Object


Field Summary
protected static java.lang.String AUTHENTICATOR_CONFIGURATION_PROPERTIES
           
private static java.util.Properties configuration
           
private  java.security.MessageDigest digest
           
private static org.apache.log4j.Logger logger
           
private  AuthenticatorStorage myStore
           
private  java.security.SecureRandom randomizer
           
protected static int SINGLEUSEPASSWORD_LENGTH
           
private static java.lang.Object SMSsemaphore
           
 
Constructor Summary
Utility()
          constructor.
 
Method Summary
 boolean byteArrayCompare(byte[] a, byte[] b)
          byteArrayCompare compares two byte arrays.
private  void configureLogger()
          configureLogger configures the logger
protected  boolean createUser(java.lang.String myUserID, java.lang.String myUserDescription, java.lang.String myPassword, java.lang.String myGSMSubscriberID)
          createUser creates a user from the specified input parameters, given that a user with the same userid does not exist.
 java.lang.String generateSingleUsePassword()
          generateSingleUsePassword generates and returns a five digit single-use password encoded as a string, using the secure random generator. this value is used in to be used in the second phase of the authentication process
static java.util.Properties getConfiguration()
          getConfiguration is called by misc. classes to get the configuration properties for the authenticator
static org.apache.log4j.Logger getLogger()
          getLogger returns the logger instance to be used throughout the application
 byte[] hashString(java.lang.String myString)
          hashString returns a hash of the input String
protected  void loadConfiguration()
          loadConfiguration loads configuration properties from file using the getResourceAsStream method.
static void main(java.lang.String[] args)
          Main.
 boolean sendSMSNotification(Request myRequest, java.lang.String adminGSMSubscriberID)
          sendSMSNotification spawns a thread to send a GSM SMS single use password notification.
 void setAuthenticatorStorage(AuthenticatorStorage myAuthenticatorStorage)
          setAuthenticatorStorage configures the storage class used by utility
protected  boolean verifyPasswordHash(java.lang.String myUserID, byte[] myPasswordHash)
          verify that the specified password hash compares successfully with the stored password hash, for the specified user. we assume that the user id exists in the system, i.e. that this has been verified before this method is invoked (but we won't crash horribly if this verification has not been done).
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, registerNatives, toString, wait, wait, wait
 

Field Detail

myStore

private AuthenticatorStorage myStore

randomizer

private java.security.SecureRandom randomizer

SINGLEUSEPASSWORD_LENGTH

protected static final int SINGLEUSEPASSWORD_LENGTH

AUTHENTICATOR_CONFIGURATION_PROPERTIES

protected static final java.lang.String AUTHENTICATOR_CONFIGURATION_PROPERTIES

digest

private java.security.MessageDigest digest

logger

private static org.apache.log4j.Logger logger

SMSsemaphore

private static java.lang.Object SMSsemaphore

configuration

private static java.util.Properties configuration
Constructor Detail

Utility

public Utility()
constructor. Loads configuration and sets up logger and secure random generator (this takes a while, and it's fair to do it here instead of waiting for the first request arrives)
Parameters:
myAuthenticator - Authenticator instance
Method Detail

main

public static void main(java.lang.String[] args)
Main. Makes a BASE64-encoded SHA-1 hash from the the first input parameter, and outputs this on the console. Invoked by the Ant build file in order to generate administration passwords used in the configuration file.
Parameters:
args - String[] contains command line parameters

verifyPasswordHash

protected boolean verifyPasswordHash(java.lang.String myUserID,
                                     byte[] myPasswordHash)
verify that the specified password hash compares successfully with the stored password hash, for the specified user. we assume that the user id exists in the system, i.e. that this has been verified before this method is invoked (but we won't crash horribly if this verification has not been done).
Parameters:
myUserID - String containing the user id of the user password to be verified
myPasswordHash - byte[] containing the password hash of the user to be verified
Returns:
boolean indicating whether the two supplied passwords are equal (true) or not (false)

generateSingleUsePassword

public java.lang.String generateSingleUsePassword()
generateSingleUsePassword generates and returns a five digit single-use password encoded as a string, using the secure random generator. this value is used in to be used in the second phase of the authentication process
Returns:
five digit single-use password encoded using the secure random generator
See Also:
Authenticator

sendSMSNotification

public boolean sendSMSNotification(Request myRequest,
                                   java.lang.String adminGSMSubscriberID)
sendSMSNotification spawns a thread to send a GSM SMS single use password notification. This method does not wait for the SMS message to actually be send, it returns when the message is queued for delivery. When the adminGSMSubscriberID field is set, no checking against the database for user existence is done.
Parameters:
myRequest - Request containing single use password, userid etc. to be sent
adminGSMSubscriberID - String containing admin GSM subscriber ID, or null if this is not an admin request
Returns:
boolean indicating whether the message was prepared for sending successfully (true) or not (false)

createUser

protected boolean createUser(java.lang.String myUserID,
                             java.lang.String myUserDescription,
                             java.lang.String myPassword,
                             java.lang.String myGSMSubscriberID)
createUser creates a user from the specified input parameters, given that a user with the same userid does not exist.
Parameters:
myUserID - String containing userID of the new user
myUserDescription - String containing a description, typically name, of the new user
myPassword - String containing password for the new user
myGSMSubscriberID - String containing the GSM phone number of the new user
Returns:
a boolean value indicating whether the user was created (true) or not (false)

hashString

public byte[] hashString(java.lang.String myString)
hashString returns a hash of the input String
Parameters:
myString - String to be hashed
Returns:
String containing hash of input string

byteArrayCompare

public boolean byteArrayCompare(byte[] a,
                                byte[] b)
byteArrayCompare compares two byte arrays. The two byte arrays should be of equal size. If they are not, the comparison will stop at the last byte of the smallest byte array.
Parameters:
a - byte[] first byte array
b - byte[] second byte array
Returns:
boolean indicating whether the byte arrays are equal (true) or not (false)

configureLogger

private void configureLogger()
configureLogger configures the logger

getLogger

public static org.apache.log4j.Logger getLogger()
getLogger returns the logger instance to be used throughout the application
Returns:
Logger instance

getConfiguration

public static java.util.Properties getConfiguration()
getConfiguration is called by misc. classes to get the configuration properties for the authenticator
Returns:
Properties containing configuration

loadConfiguration

protected void loadConfiguration()
loadConfiguration loads configuration properties from file using the getResourceAsStream method.

setAuthenticatorStorage

public void setAuthenticatorStorage(AuthenticatorStorage myAuthenticatorStorage)
setAuthenticatorStorage configures the storage class used by utility
Parameters:
myAuthenticatorStorage - AuthenticatorStorage object to be used


Copyright © 2002 Norwegian Centre for Telemedicine. All Rights Reserved.