Database Reference
In-Depth Information
We indicate what pager to send in the PAGERID argument and what the message will be in the
MESSAGE argument. After we create a new URL instance with this address, we call its getContent() method
to “browse” the web address. At that point, the web server with the paging application has responded to
the GET method, and if no exception is thrown, we can continue on with returning the value of the
USE_PAGER constant.
Listing 9-27. Distribute the Code to Pager, distribToPagerURL()
private static final int distribToPagerURL( String twoFactorAuth,
String pagerNo )
{
int distribCode = 0;
try {
URL u = new URL( baseURL + pagerNo + msgURL + twoFactorAuth ) ;
u. getContent ();
distribCode += USE_PAGER ;
} catch ( Exception x ) {}
return distribCode;
}
This method is the most likely to require special editing to be functional in your organization. You
will have to research how page messages are sent to your corporate pagers, if at all. Even if you do not
have pagers, this code may serve as an example of how you might send the two-factor codes to some
other web service.
Distributing the Code to E-Mail
Our distribToEMail() method is not only similar, but also almost identical to the distribToSMS()
method, except that the recipient in this case is the user's e-mail address. I'm leaving out the code, but
the message resembles this:
From: response@org.com
To: OSUSER@org.com
Subject: Response
1234-5678-9012
If successful, we return the value of the USE_EMAIL constant.
Testing Two-Factor Authentication
In this section, we again draw on all our resources to demonstrate and test two-factor authentication
along with everything else we have discussed so far. We will test our two-factor authentication by using
the code we have been examining to generate and transmit two-factor authentication codes. In order to
experience this fully, you will need to enter your pager, cell phone, and/or e-mail addresses in the
database, as we described. Alternatively, you can query the database to select the generated two-factor
codes from the appsec.v_two_fact_cd_cache view.
If you haven't been executing the SQL commands we've been exploring throughout this chapter as
we discussed them, you will need to open the Chapter9 folder and the files Sys.sql , SecAdm.sql ,
AppSec.sql , and HR.sql and execute those commands as the appropriate user. You can execute them in
 
Search WWH ::




Custom Search