MobiLink Synchronization Reference
Synchronization Events
Implements a custom user authentication mechanism.
In the following table, the description provides the SQL data type. If you are writing your script in Java or .NET, you should use the appropriate corresponding data type. See SQL-Java data types and SQL-.NET data types.
Event parameters are optional only if no subsequent parameters are specified. For example, you must use parameter 1 if you want to use parameter 2.
Item | Parameter | Description |
---|---|---|
1 | auth_status | INTEGER. This is an INOUT parameter. |
2 | ml_username | VARCHAR(128). |
3 | hashed_user_password | BINARY(20). If the user does not supply a password, this is NULL. |
4 | hashed_new_password | BINARY(20). If the user does not change their password, this is NULL. |
Use MobiLink built-in user authentication mechanism.
This event is identical to authenticate_user except for the passwords, which are in the same hashed form as those stored in the ml_user.hashed_password column. Passing the passwords in hashed form provides increased security.
A one-way hash is used. A one-way hash takes a password and converts it to a byte sequence that is (essentially) unique to each possible password. The one-way hash lets password authentication take place without having to store the actual password in the consolidated database.
When the two authentication scripts are both defined, and both scripts return different auth_status codes, the higher value is used.
authenticate_user connection event
authenticate_parameters connection event
A typical authenticate_user_hashed script is a call to a stored procedure. The order of the parameters in the call must match the order above. In an Adaptive Server Anywhere consolidated database, the script could be as follows.
call my_auth ( ?, ?, ? )
The following Adaptive Server Anywhere stored procedure uses both the user name and password to authenticate. The procedure ensures only that the supplied user name is one of the employee IDs listed in the ULEmployee table. The procedure assumes that the Employee table has a binary(20) column called hashed_pwd.
CREATE PROCEDURE my_auth( inout @auth_status integer, in @user_name varchar(128), in @hpwd binary(20) ) begin if exists ( select * from ulemployee where emp_id = @user_name and hashed_pwd = @hpwd ) then message 'OK' type info to client; return 1000; else message 'Not OK' type info to client; return 4000; end if end
The following stored procedure call registers a Java method called authUserHashed as the script for the authenticate_user_hashed event when synchronizing the script version ver1. This syntax is for Adaptive Server Anywhere consolidated databases.
call ml_add_java_connection_script( 'ver1', 'authenticate_user_hashed', 'ExamplePackage.ExampleClass.authUserHashed)
Following is the sample Java method authUserHashed. It calls Java functions that check and, if needed, change the user's password.
public String authUserHashed( ianywhere.ml.script.InOutInteger authStatus, String user, byte pwd[], byte newPwd[] ) throws java.sql.SQLException { // in a real authenticate_user_hashed handler, we // would handle more auth code states _curUser = user; if( checkPwdHashed( user, pwd ) ) { // auth successful if( newPwd != null ) { // pwd is being changed if( changePwdHashed( user, pwd, newPwd ) ) { // auth ok and pwd change ok use custom code authStatus.setValue( 1001 ); } else { // auth ok but pwd change failed. // Use custom code java.lang.System.err.println( "user: " + user + " pwd change failed!" ); authStatus.setValue( 1002 ); } } else { authStatus.setValue( 1000 ); } } else { // auth failed authStatus.setValue( 4000 ); } return( null ); }
The following stored procedure call registers a .NET method called AuthUserHashed as the script for the authenticate_user_hashed connection event when synchronizing the script version ver1. This syntax is for Adaptive Server Anywhere consolidated databases.
call ml_add_dnet_connection_script( 'ver1', 'authenticate_user_hashed', 'TestScripts.Test.AuthUserHashed' )
Following is the C# signature for the call AuthUserHashed.
public void AuthUserHashed( ref int authStatus, string user, byte[] pwd, byte[] newPwd )