Table of Contents
mbSecurity Design
Overview
mbSecurity framework is a singleton class that can be called by all workspace plugins. Its goal is to provide the user a mechanism to save their user credential in their local repository. Plugin developers, by calling the mbSecurity API, can retrieve the saved credential information, and authenticate access to private data. All the credential passwords will be encryted using JAVA crytopgraphy API.
Usage
There are two major components in the mbSecurity framework. One is the basic security login API, and the other is the GUI API. Plugin developers can choose to directly access the basic security login API to store and retrieve built-in login credentials, or call the GUI API to launch a graphical interface to prompt the user to enter the information.
What mbSecurity is NOT intended to do
mbSecurity is NOT designed to authenticate credentials for private data sources or workspaces. Due to the complexity for security authentication and the vast varieties of available protocols used by different data source vendors, it would take tremendous work to develop each protocol access module. We decided that the security transaction should be developed at the plugin level.
mbSecurity API
Security API
- BasicLoginCrendential: class for holding the login crendential info
- get_authType()
- get_encryptPwd()
- get_isActive()
- get_keyAlias()
- get_source
- get_username()
- set_authType()
- set_encryptPwd()
- set_isActive()
- set_keyAlias()
- set_source
- set_username()
- BasicSourceInfo: class for holding the login source info in reference to MBAT architecture
- get_id()
- get_accessType()
- get_pluginName()
- get_sourceDesc()
- get_workspace()
- set_id()
- set_accessType()
- set_pluginName()
- set_sourceDesc()
- set_workspace()
- BasicAuthentication: class for processing, saving, storing, retreving, and updating user login of each secured workspace/plugin or data source.
- String addNewSource(String alias)
- String addNewSource(String workspace, String pluginName,
String sourceName, String alias)
- String getPassword(BasicAuthCredential user)
- BasicAuthCredential getSavedUser(String alias)
- BasicAuthCredential getUser(String alias)
- boolean isUserExist(String alias)
- void loadCredential()
- void saveCredential()
- void updateUser(String alias, String userName, String password, boolean bSavePwd)
Code Sample
public void setCredential(BasicLoginCredential userCredential){
// Password here just returned whatever the user stored in the local repository.
// Plugin developer needs to encode and encrypt the password for the data source
// specific security protocol.
try {
if (userCredential != null) {
BasicAuthentication authentication = BasicAuthentication.getInstance();
String pwd = authentication.getPassword(userCredential);
String userName = userCredential.get_username();
...
}
} catch (Exception ex){
System.out.println(ex.getMessage());
}
}
|
GUI API
-
- JLoginDialog: A login dialog box containing the JLogin panel.
- void createLoginList(Vector aliasList)
- boolean isCancelledSearch()
- void setCancelSearch(boolean search)
- JLoginPanel: A login panel to prompt user to enter the login credential of the security-required list.
- createLoginList(Vector aliasList)
- void setCancelSearch(boolean search)
Code Sample
public void showLoginDialog(DataSourceRef[] privateRefs){
if (m_loginDialog == null) {
m_loginDialog = new JLoginDialog(Main.gui);
}
setCancelSearch(false);
Vector aliasList = new Vector();
for (DataSourceRef ds: privateRefs){
BasicSourceInfo sourceInfo = new BasicSourceInfo();
sourceInfo.set_workspace("mbSearch");
sourceInfo.set_pluginName("database");
sourceInfo.set_sourceName(ds.getDataSource().getCode());
sourceInfo.set_sourceDesc(ds.getDataSource().getDisplayName());
sourceInfo.set_accessType(ds.getDataSource().getDBAccessType());
sourceInfo.set_id(ds.getDataSource().getID());
aliasList.add(sourceInfo);
}
m_loginDialog.createLoginList(aliasList);
}
|
