All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class mit.login.AuthObj 

java.lang.Object
   |
   +----mit.login.AuthObj
public class AuthObj
extends Object
implements Serializable

A Class for passing Authentication among servers.

This class facilitates authentication between different servers. If two servers share a key, which should be a 16 byte key, then. One server creates an AuthObj object by giving it a login name that we are asserting along with the shared key and a flag indicating that we are building a new AuthObj. This "asserting" server can then call "getString()" which will return an ASCII string which contains encrypted within it the login name and a timestamp.

This receiving machine creates an AuthObj by calling the constructor with the received encrypted string as well as with the key and setting the "building" flag to false. The receiving machine then calls timely() to determine if the AuthObj is "timely" i.e., not a replay. What is really happening is that the timestamp within the AuthObj is checked to see if it is within 5 minutes of the current time. A call to getLogin will then extract the original login name.

An AuthObjException is thrown if there are problems at any point.

Constructor Index

o AuthObj(String, byte[], boolean)
Construct an AuthObj from either a login name or a received encrypted string.

Method Index

o getLogin()
Return the login name contained in an AuthObj
o getString()
Generate an encrypted String which represents an AuthObj.
o timely()
Determine if an AuthObj was created in the last 5 minutes.

Constructors

o AuthObj 
 public AuthObj(String input,
                byte key[],
                boolean building) throws AuthObjException
Construct an AuthObj from either a login name or a received encrypted string.

Parameters:
input - The input string or login name.
key - The shared encryption key as a byte array, must be 16 bytes.
building - A flag to determine if we are building a new AuthObj or reading in a received one.
Throws: AuthObjException
if anything is wrong.

Methods

o timely 
 public boolean timely()
Determine if an AuthObj was created in the last 5 minutes.

Returns:
true if created within the last 5 minutes.
o getLogin 
 public String getLogin()
Return the login name contained in an AuthObj

Returns:
login The login name.
o getString 
 public String getString() throws AuthObjException
Generate an encrypted String which represents an AuthObj. This string can then be used to recreate the AuthObj provided you have the correct key.

Returns:
The Encrypted String.
Throws: AuthObjException
if there is a problem. 
All Packages  Class Hierarchy  This Package  Previous  Next  Index