Single Sign-On support for ENOVIA V5R8 Simple User Exits API

- Dassault Systemes Confidential -

Single Sign-On support for ENOVIA V5R8 Simple User Exits API Page 2 / 3

How to replace the Default Implementation of the Central Security Service User Exits running on a Web Application Server: The ENOVIA Central Security Service Servlet relies on the implementation of two Java interfaces: - one to access the LDAP directory
// COPYRIGHT DASSAULT SYSTEMES 2002 package com.dassault_systemes.catjsystem.catjsysso; /** * Interface providing high level methods accessing LDAP Directory * to authenticate a user, check user access and retreive specific * attributes in the directory. */ public interface DirectoryAccessInterface { /** * Authenticates the client. * <br><b>Role</b>: Check the credential validity of the client. * @param iUser * The user name (typically the ldap relative distinguished name) * @param iCredentialClient * The client credential (typically the user ldap password) * @param iInfo * For future use. Currently set to null. * @return * 0 if authentication is successfull * @throws DirectoryAccessException * provide additional information when an exception occured */ public int check(String iUser, String iCredentialClient, String iInfo) throws DirectoryAccessException; /** * Indicates whether a user is authorized or not to work with the specified Application. * @param iUser * The user name (typically the ldap relative distinguished name) * @param iApplication * The application name * @return * 0 if the user is authorized * @throws DirectoryAccessException * provide additional information when an exception occured */ public int isAuthorised(String iUser, String iApplication) throws DirectoryAccessException; /** * Retrieves information about the application. * @param iUser * The user name * @param iApplication * The application name * @param iSystem * For future use: the operating system * @param iAttribute * The Attribute that needs to need to be fetched * @param oValue * The attribute retrieved value * @param iSecurityManagerCredential * Credential that identifies the security manager * @throws DirectoryAccessException * provide additional information when an exception occured */ public int getApplicationInfo(

- Dassault Systmes Confidential -

Single Sign-On support for ENOVIA V5R8 Simple User Exits API Page 3 / 3

String iUser, String iApplication, String iSystem, String infoName, StringBuffer oValue, String iSecurityManagerCredential) throws DirectoryAccessException; } which can throw the following expection : // COPYRIGHT DASSAULT SYSTEMES 2002 package com.dassault_systemes.catjsystem.catjsysso; /** * Class wrapping exceptions thrown by implementation of DirectoryAccessImpl */ public class DirectoryAccessException extends Exception { /** * Constructs an Exception with no specified detail message. */ public DirectoryAccessException() { super(); } /** * Constructs an Exception with the specified detail message. * @param iMsg * The detail message. */ public DirectoryAccessException(String iMsg) { super(iMsg); } }

- one for encryption support of sensitive pieces of information

// COPYRIGHT DASSAULT SYSTEMES 2002 package com.dassault_systemes.catjsystem.catjsysso; /** * Interface providing crypting and uncrypting capabilities */ public interface CryptInterface { /** * Crypts a string * @param iStr * The string to be crypted * @return * The crypted string */ public String crypt(String iStr); /** * Uncrypts a string * @param iStr * The string to be uncrypted * @return * The uncrypted string */ public String uncrypt(String iStr); }

These simple user exits can be implemented easily in Java (1.1 or higher) and compiled with a classic Java compiler.

- Dassault Systmes Confidential -