Although Canvas offers a default authentication provider, you can use another authentication provider, such as ARX, to authenticate users and validate their entitlement.

Perform the following steps to set up an implementation-specific log-on sequence:

  1. Create a custom authentication provider by implementing the Java interface, IAuthenticationServiceProvider. See the sample custom authentication provider for reference.
  2. Register the custom authentication provider with the Canvas framework by providing a value for the AUTH_SERV_PROV_CLASS key in the securityconfig.properties file.

    # The following key indicates the authentication provider that is to
    # be used during log-in, log-out or re-authentication purposes.
    AUTH_SERV_PROV_CLASS=com.intellectdesign.app.smartbank.servlets.login.SmartBankAuthenticationProvider
    
    # Here, SmartBankAuthenticationProvider.java is the custom authentication provider class.
  3. Create a custom validate class by implementing the Java interface, IEntitlementSource. See the sample custom validate class for reference.

  4. Register the custom validate class with the Canvas framework by providing a value for the VIEW_ENTITLEMENT_CLASS key in the implclassconfig.properties file.

    # The following key indicates the class that validates the users' entitlement.
    VIEW_ENTITLEMENT_CLASS=com.intellectdesign.app.smartbank.servlets.entitilements.SmartBankViewEntitlement
    
    # Here, SmartBankViewEntitlement.java is the custom entitlement validation class.
  5. Retrieve the users' log-in ID and password using the request.getParameter method and set them on the UserValue object in the extractLoginParameters method of the login servlet.

    private IUserValue extractLoginParameters(HttpServletRequest request)
    {
    	UserValue userValue = new UserValue();
    		
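    	// getParameter returns null when the field is missing; guard before trim()
    	String userName = request.getParameter("ctLoginID");
    	userName = (userName == null) ? "" : userName.trim();
    	String password = request.getParameter("loginPSW");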
    
    	// Set the login Id into the User Value
    	userValue.setLoginId(userName);
    
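    	// Set the simulation mode flag in the user value.
    	// isSimulated and simulatingUserNo come straight from the request, so the
    	// authentication provider must verify that the caller may simulate that user.
    	String isSimulationMode = request.getParameter("isSimulated");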
    	if (isSimulationMode != null && "true".equals(isSimulationMode))
    	{
    		userValue.setSimulated(true);
    		userValue.setSimulatingUserNo(request.getParameter("simulatingUserNo"));
    	}
    
    	// Set the password into the user value
    	userValue.setUserPin(password);
    		
    	String checkSumValue = userName + "-" + password + "-" + "INTELLECT_SMARTBANK";
    		
    	String checkSum = null;
    	
    	try 
    	{
    		checkSum = generateSHA256(checkSumValue, userName);
    	} 
    	catch (Exception e) 
    	{
    		e.printStackTrace();
    	}
    	
    	userValue.setRSATokenSerialNo(checkSum);
    
    	return userValue;
    }
  6. Get the users' log-in ID and password from the IUserValue object and pass them to the authentication service in the authenticateUser method of the custom authentication provider class. Also, call setStatusFlag with the value E if the response code is 200.

    public void authenticateUser(IUserValue uValue) throws AuthenticationException
    {
    	Map customSSOProperties = uValue.getCustomSSOProperties();
    		
    	String userName = (String) uValue.getLoginId();
    	String password = (String) uValue.getUserPin();
    	String checksum = (String) uValue.getRSATokenSerialNo();
    
    	if (checksum != null)
    	{
    		try
    		{
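    			// Sample endpoint. The values are concatenated into the path as-is;
    			// in a deployment, percent-encode each one and use an HTTPS URL.
    			URL url = new URL("http://1.2.3.4:1234/smartbankAPI/api/app/customerloginbyusername/" + userName + ","
    						+ password + "," + checksum + "");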
    				
    			HttpURLConnection conn = (HttpURLConnection) url.openConnection();
    			conn.setDoOutput(true);
    			conn.setRequestMethod("GET");
    			conn.setRequestProperty("Content-Type", "application/json");
    			int response = conn.getResponseCode();
    
    			if (response == 200)
    			{
    				// Add SSO properties using Canvas thread local, which will be
    				// internally used by entitlements to fetch user and 
    				// entitlement details from third party application.
    				CanvasThreadLocal.put("ssoProperties", customSSOProperties);
    
    				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.success.name());
    				uValue.setStatusFlag("E");
    				String info = "User name is validated successfully.";
    				uValue.setInfo(info);
    			} else if (response == 705)
    			{
    				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
    				uValue.setInfo("Invalid User Name.");
    
    			} else
    			{
    				uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
    				uValue.setInfo("Error while validating the user name.");
    			}
    		} catch (NumberFormatException | IOException e)
    		{
    			logger.cterror("FAUTHG001", e);
    			throw new AuthenticationException(e);
    		}
    	} else if (uValue.getLoginId() != null && uValue.getUserPin() != null)
    	{
    		List resultList = null;
    
    		DatabaseRequest dbRequest = new CanvasDatabaseRequest();
    
    		try
    		{
    			dbRequest.setDataAccessMapKey("USER_PWD_CHECK");
    			dbRequest.setOperation(DatabaseConstants.SELECT);
    			dbRequest.setOperationExtension("ENCRYPT");
    			dbRequest.addFilter("OD_USER_PWD", uValue.getUserPin());
    			dbRequest.addFilter("OD_LOGIN_ID", uValue.getLoginId());
    			resultList = dbRequest.execute().getReturnedList();
    			HashMap tmpMap;
    			if (null != resultList && !resultList.isEmpty())
    			{
    				tmpMap = (HashMap) resultList.get(0);
    				String count = (String) tmpMap.get("COUNT");
    				if ("0".equals(count))
    				{
    					uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
    					uValue.setInfo("Invalid User Credentials");
    					uValue.setInvalidCred(true);
    				} else
    				{
    					uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.success.name());
    					uValue.setStatusFlag("E");
    					String info = "User Profile has been successfully Registered";
    					uValue.setInfo(info);
    				}
    			}
    		} catch (Exception e)
    		{
    			// Fail closed: any lookup error is reported as an authentication failure.
    			uValue.setTransactionStatus(IAuthenticationServiceProvider.Status.failure.name());
    		}
    	} else
    	{
    		logger.cterror("FAUTHG002");
    		throw new AuthenticationException("User ticket is not available in SSO properties.");
    	}
    }
  7. Set values for the following mandatory user details in the getUserDetails method in the custom validate class (View Entitlement class). The following code snippet contains sample values for reference:

    uValue.setUserNo("8632");
    uValue.setPrimaryGcif("8HIG1002");
    uValue.setTransactionStatus(LoginMasterConstants.STATUS_SUCCESS);
    uValue.setFIRST_NAME("UPENDRA");
    uValue.setLAST_NAME("singh");
    uValue.setLoginId("8600537541");
    uValue.setStatusFlag("E");

    The following steps are necessary in cases where the log-on page is part of the application and you need to validate it in the custom authentication provider. If the log-on sequence is outside the application (e.g. in ARX), you do not have to perform the following steps.

  8. Create a custom servlet class by extending the Java class, HttpServlet. See the sample servlet class for reference.
  9. Add an entry for the custom servlet in the web.xml file.

    <servlet>
    	<servlet-name>PortalLoginServlet</servlet-name>
    	<servlet-class>com.intellectdesign.app.smartbank.servlets.login.SmartBankLoginServlet</servlet-class>
    </servlet>
  10. Restart the servers and access your application.
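
The remote call in step 6 builds its URL by joining the log-in ID, password and checksum with commas. The following is an added example, not Canvas or SmartBank code, that builds the same URL shape with each value percent-encoded, refuses non-HTTPS base URLs and treats every status other than 200 as a failure. The class name, the placeholder host, the log-in ID allow-list and the timeouts are assumptions; it needs Java 10 or later.

```java
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.regex.Pattern;

public class SafeLoginCall {
    // Assumed log-in ID policy (not from the page): 1-64 of these characters.
    private static final Pattern LOGIN_ID = Pattern.compile("[A-Za-z0-9._@-]{1,64}");

    // Percent-encode one path segment. URLEncoder does form encoding, so the
    // '+' it emits for a space is rewritten to %20 for use inside a path.
    static String segment(String raw) {
        return URLEncoder.encode(raw, StandardCharsets.UTF_8).replace("+", "%20");
    }

    // Build <base>/customerloginbyusername/<id>,<password>,<checksum>.
    static URI buildLoginUri(String base, String loginId, String password, String checksum) {
        if (!base.startsWith("https://"))
            throw new IllegalArgumentException("credentials must travel over HTTPS");
        if (loginId == null || password == null || checksum == null
                || !LOGIN_ID.matcher(loginId).matches())
            throw new IllegalArgumentException("missing field or log-in ID fails the allow-list");
        return URI.create(base + "/customerloginbyusername/" + segment(loginId) + ","
                + segment(password) + "," + segment(checksum));
    }

    // Bounded timeouts; only HTTP 200 authenticates, anything else fails closed.
    static boolean remoteLogin(URI uri) throws IOException {
        HttpURLConnection conn = (HttpURLConnection) uri.toURL().openConnection();
        conn.setConnectTimeout(5000);
        conn.setReadTimeout(5000);
        conn.setRequestMethod("GET");
        try {
            return conn.getResponseCode() == 200;
        } finally {
            conn.disconnect();
        }
    }

    public static void main(String[] args) {
        String base = "https://auth.example.invalid/smartbankAPI/api/app"; // placeholder host
        // Constructed password containing URL metacharacters.
        System.out.println(buildLoginUri(base, "8600537541", "p/a?s,s w#d", "abc123"));
        try {
            buildLoginUri(base, "8600537541,x", "pw", "abc123"); // constructed ID with the delimiter
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Because the password still sits in the request path, it can end up in access logs on the service side; moving it into a request body depends on the authentication service supporting that.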

