Versions Compared

Version Old Version 6 New Version 7
Changes made by

Ravikumar Babu CTOO

Ravikumar Babu CTOO

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Create a custom authentication provider by implementing the Java Interface, IAuthenticationServiceProvider. See the sample custom authentication provider for reference.

  2. Mention the custom authentication provider to Canvas framework by providing a value for the AUTH_SERV_PROV_CLASS key in the securityconfig.properties file.

    Code Block
    languagebash
    # The following key indicates the authentication provider that is to
# be used during log-in, log-out or re-authentication purposes.
AUTH_SERV_PROV_CLASS=com.intellectdesign.app.mbb.servlets.login.MBBAuthenticationProvider

# Here, MBBAuthenticationProvider.java is the custom authentication provider class.


  3. Create a custom validate class to validate the users' entitlement by implementing the Java interface, IEntitlementSource. See the sample custom validate class for reference.

  4. Mention the custom validate class to Canvas framework by providing a value for the VIEW_ENTITLEMENT_CLASS key in the implclassconfig.properties file.

    Code Block
    languagebash
    # The following key indicates the class that validates the users' entitlement.
VIEW_ENTITLEMENT_CLASS=com.intellectdesign.app.mbb.servlets.entitilements.MBBViewEntitlement

# Here, MBBViewEntitlement.java is the custom entitlement validation class.


  5. Retrieve the users' log-in ID and password using the request.getParameter method and set those to uservalue in the extractLoginParameters method in Login Servlet.

    Code Block
    languagejava
    private IUserValue extractLoginParameters(HttpServletRequest request)
{
	UserValue userValue = new UserValue();
		
	String userName = (request.getParameter("ctLoginID")).trim();
	String password = request.getParameter("loginPSW");

	System.out.println("===request2---userName=============" + request.getParameter("ctLoginID"));
	System.out.println("===request2---passwords=============" + request.getParameter("loginPSW"));

	// Set the login Id into the User Value
	userValue.setLoginId(userName);

	// Set the simulation model flag in the user Value
	String isSimulationMode = request.getParameter("isSimulated");
	if (isSimulationMode != null && "true".equals(isSimulationMode))
	{
		userValue.setSimulated(true);
		userValue.setSimulatingUserNo(request.getParameter("simulatingUserNo"));
	}

	// Set the password into the user value
	userValue.setUserPin(password);
		
	String checkSumValue = userName + "-" + password + "-" + "INTELLECT_MBB";
		
	String checkSum = null;
	
	try 
	{
		checkSum = generateSHA256(checkSumValue, userName);
	} 
	catch (Exception e) 
	{
		e.printStackTrace();
	}
	
	userValue.setRSATokenSerialNo(checkSum);

	return userValue;
}


  6. Get the users' log-in ID and password from uservalue and pass those to authentication service in authenticateUser method in the custom authentication provider class. Also, set the setStatusFlag as E if response code is 200.

    Code Block
    languagejava
    public void authenticateUser(IUserValue uValue) throws AuthenticationException
{
	Map customSSOProperties = uValue.getCustomSSOProperties();
		
	String userName = (String) uValue.getLoginId();
	String password = (String) uValue.getUserPin();
	String checksum = (String) uValue.getRSATokenSerialNo();
	System.out.println("===userName=============" + userName);
	System.out.println("===password=============" + password);
	System.out.println("===checksum=============" + checksum);

	if (checkSum 
	if (checksum != null)
	{
		try
		{
			URL url = new URL("http://1.2.3.4:1234/mbbAPI/api/app/customerloginbyusername/" + userName + ","
						+ password + "," + checksum + "");
				
			HttpURLConnection conn = (HttpURLConnection) url.openConnection();
			conn.setDoOutput(true);
			conn.setRequestMethod("GET");
		    conn.setRequestProperty("Content-Type", "application/json");
		    int response = conn.getResponseCode();

			if (response == 200)
			{
				// Add SSO properties using Canvas thread local, which will be
				// internally used by entitlements to fetch user and 
				// entitlement details from third party application.
				CanvasThreadLocal.put("ssoProperties", customSSOProperties);

				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.success.name());
				uValue.setStatusFlag("E");
				String info = "User name is validated successfully.";
				uValue.setInfo(info);
			} else if (response == 705)
			{
				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
				uValue.setInfo("Invalid User Name.");

			} else
			{
				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
				uValue.setInfo("Error while validating the user name.");
			}
		} catch (NumberFormatException | IOException e)
		{
			logger.cterror("FAUTHG001", e);
			throw new AuthenticationException(e);
		}
	} else if (uValue.getUserPin() != null && uValue.getUserPin() != null)
	{
		List resultList = null;

		DatabaseRequest dbRequest = new CanvasDatabaseRequest();

		try
		{
			dbRequest.setDataAccessMapKey("USER_PWD_CHECK");
			dbRequest.setOperation(DatabaseConstants.SELECT);
			dbRequest.setOperationExtension("ENCRYPT");
			dbRequest.addFilter("OD_USER_PWD", uValue.getUserPin());
			dbRequest.addFilter("OD_LOGIN_ID", uValue.getLoginId());
			resultList = dbRequest.execute().getReturnedList();
			HashMap tmpMap;
			if (null != resultList && !resultList.isEmpty())
			{

				tmpMap = (HashMap) resultList.get(0);
				String count = (String) tmpMap.get("COUNT");
				if ("0".equals(count))
				{
					uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
					uValue.setInfo("Invalid User Credentials");
					uValue.setInvalidCred(true);
				} else
				{
					uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.success.name());
					uValue.setStatusFlag("E");
					String info = "User Profile has been successfully Registered";
					uValue.setInfo(info);
				}
			}
		} catch (Exception e)
		{
				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
		}
	} else
	{
		logger.cterror("FAUTHG002");
		throw new AuthenticationException("User ticket is not available in SSO properties.");
	}
}


  7. Set values for the following mandatory user details in the getUserDetails method in the custom validate class (View Entitlement class). Following code snippet contains sample values for reference:

    Code Block
    languagejava
    uValue.setUserNo("8632");
uValue.setPrimaryGcif("8HIG1002");
uValue.setTransactionStatus(LoginMasterConstants.STATUS_SUCCESS);
uValue.setFIRST_NAME("UPENDRA");
uValue.setLAST_NAME("singh");
uValue.setLoginId("8600537541");
uValue.setStatusFlag("E");


  8. Create a custom servlet class by implementing the Java interface, HttpServlet. See the sample servlet class for reference.

  9. Add entry to the custom servlet in the web.xml file.

    Code Block
    languagexml
    <servlet>
	<servlet-name>PortalLoginServlet</servlet-name>
	<servlet-class>com.intellectdesign.app.mbb.servlets.login.MBBLoginServlet</servlet-class>
</servlet>


  10. Restart the servers and access your application.

...