MobiLink Synchronization User's Guide
Authenticating MobiLink Users
The MobiLink user authentication system relies on user names and passwords. You can choose either to let the MobiLink synchronization server validate the user name and password using a built-in mechanism, or you can implement your own custom user authentication mechanism.
In the built-in authentication system, both the user name and the password are stored in the ml_user MobiLink system table in the consolidated database. The password is stored in hashed form so that applications other than the MobiLink synchronization server cannot read the ml_user table and reconstruct the original form of the password. You add user names and passwords to the consolidated database using Sybase Central or the dbmluser utility.
For more information, see MobiLink user authentication utility.
When a MobiLink client connects to a MobiLink synchronization server, it provides the following values.
user name The MobiLink user name. Mandatory. This value typically matches exactly a user name in the ml_user MobiLink system table.
password The MobiLink password. Optional only if the user is unknown or if the corresponding password in the ml_user MobiLink system table is NULL.
new password A new MobiLink password. Optional. MobiLink users can change their password by setting this value.
The MobiLink synchronization server, upon receiving a connection request from a MobiLink client, proceeds as follows.
If the MobiLink synchronization server finds the supplied user name in the ml_user MobiLink system table, compares the supplied password with the stored value. If the passwords match or the stored password is NULL, synchronization proceeds. Otherwise, the synchronization server denies the request and returns an error code to the client.
New users and passwordsIf a MobiLink client supplies a user name that is not present in the ml_user table, the behavior is determined by a MobiLink synchronization server command line option.For more information, see Synchronizations from new users. |
Optionally, you can substitute your own user authentication mechanism. You do so by providing an authenticate_user script. If this script exists, it is executed instead of the password comparison. The script must return error codes to indicate the success or failure of the authentication.
The following sections describe how to implement the different pieces of the authentication system, and describe some specific issues you may encounter.