Database Reference
In-Depth Information
procedure; hence, we call a separate PL/SQL function as a Java stored procedure to get access to the Java
method.
When we get to the
distribute2Factor()
method, we already know who the user is from our SSO
processing. We pass that user ID to the method so that we can send our two-factor code to the devices
owned by the intended recipient. Set up and closure of the method are familiar, as you can see in Listing
9-19. This method returns a String which represents the distribution code (summary of routes the two-
factor code was sent).
Listing 9-19.
Method to Distribute Two-Factor Codes: Framework, distribute2Factor()
public static final String distribute2Factor( String osUser ) throws Exception {
// Do not resend this two-factor authentication code,
// nor a new one using this session
if ( twoFactorAuthChars != null ) return "0"
;
int distribCode = 0;
Statement stmt = null;
try {
...
} catch( Exception x ) {
java.io.CharArrayWriter errorText = new java.io.CharArrayWriter( 4000 );
x.printStackTrace( new java.io.PrintWriter( errorText ) );
stmt.executeUpdate( "CALL app_sec_pkg.p_log_error( 0, '" +
errorText.toString() + "', '')" );
} finally {
try {
if( stmt != null ) stmt.close();
} catch( Exception y ) {}
}
return String.valueOf( distribCode );
}
Notice the ellipses (…) in the middle of Listing 9-19. That is where the code resides that we discuss
in the subsections that follow.
Creating the Two-Factor Code
Within the
distribute2Factor()
method, we generate two-factor authentication codes that adhere to
our prescribed format: 12 numeric characters in three groups of four, separated by dashes (e.g., 1234-
5678-9012). I propose that this format is easily read and entered by users. Additionally, and this is
significant, very old, numeric-only pagers are only capable of displaying a limited number of characters;
often only numeric characters and dashes. The prescribed format conforms to that lowest common
denominator.
We build our two-factor code as a character array of 14 characters, as shown in Listing 9-20. We put
a random numeric character in each place. Within the ASCII character set, numeric values run from 48
to 58. That span is size 10, and we basically select the next random integer between 0 and 9. We add the
first ASCII value for numeric character “0”, (48), so in essence we get a random value between 48 and 58
that we cast as a
char
and set in the
twoFactorAuthChars
array.
