|
|||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | ||||||||
See:
Description
| Interface Summary | |
|---|---|
| PasswordFrameworkProvider | Allows the implementing user authenticator to provide the required information to participate in the password-unlock process. |
| Class Summary | |
|---|---|
| SecurityUIManager | This manager class provides simple user-interface services to user authenticators. |
| UserAuthenticator | User authenticator module providing the primary means of interaction with a user authentication token. |
| UserAuthenticatorContextObject | Context objects employed to pass generic data between a user authenticator and the security framework. |
| UserAuthenticatorManager | System-wide singleton manager to handle user authenticators loaded on the device. |
| Exception Summary | |
|---|---|
| UserAuthenticationAccessDeniedException | Thrown when the user is unable to authenticate with a user authenticator. |
| UserAuthenticationCancelException | Thrown when the user cancels the authentication process. |
| UserAuthenticationException | Thrown when user authentication fails. |
This package contains classes and interfaces that let you create and register a user authentication module. By creating your own user authentication module, you can provide users with a custom authentication mechanism in addition to the device password. You could, for example, incorporate custom user authentication hardware into the authentication process used by BlackBerry® devices.
The majority of the work required to implement a user authentication module involves implementing methods of the abstract
UserAuthenticator class. The implemented portions of this class
are used by the security framework on a BlackBerry device to: initialize the user authentication module, store its name and
state, and prompt it to handle user authentication when required.
After implementing a class derived from the UserAuthenticator
class, you register it with the device authentication framework by using the
registerUserAuthenticator()
method of the UserAuthenticatorManager class.
There are two circumstances that require a user authenticator to interact with the user of a device: when the user chooses and activates the authenticator and when the security framework requests authentication from the user (most commonly, when the device is locked and a user attempts to unlock the device).
To help user authentication modules safely and easily perform any required user interaction tasks, the framework provides a
temporary UI manager implemented by the SecurityUIManager class.
When invoking UserAuthenticator methods that might have to interact with the user, a SecurityUIManager is passed
as a parameter. If the authenticator interacts with the user, it should use the methods of the SecurityUIManager to do so.
Notice, however, that each security UI manager that the authenticator receives is functional only for the scope of the method to which it is provided. Once the method returns, the framework invalidates the manager, and it cannot be used again.
Options screen
You can provide a Field to display information about your authentication module on the Options->Password screen where a user can select
from the authentication methods available on the device. You do so by implementing the
getFieldImpl() method of the UserAuthenticator class.
The framework calls this method when it requires a Field to display on behalf of your authenticator. An integer-valued context is passed to
the method to indicate how the Field will be used. The CONTEXT_OPTIONS_SCREEN value
indicates that the Field will be presented to the user on the options screen.
If you are creating an authenticator that relies on a user-supplied passphrase for authentication, then you can leverage the standard device password collecting process by implementing the following interface.
PasswordFrameworkProvider
UserAuthenticatorContextObject
to your implementations of the initializeImpl(),
authenticateImpl(), and
verifyPolicySettingsImpl() methods of the
UserAuthenticator class. You retrieve the password by invoking the
get method of the context object with
UserAuthenticatorContextObject.PASSWORD
specified as the parameter.
The net.rim.device.api.smartcard package provides a convenient way for you to register smart card drivers as authenticators
in the user authenticator framework. You do so by invoking the addSmartCard(newCard,true)
method of the SmartCardFactory class. Smart card drivers that are registered this
way appear in the list of available Smart Card Authenticators in the authentication options list, and the driver for the currently
inserted smart card is chosen as the active smart card authenticator.
You may, however, decide to separate the functionality used to drive the card from the functionality used to perform user authentication.
In this case, invoke addSmartCard(newCard,false) to register your smart card driver and register a separate user authenticator
module to let users leverage any custom authentication options your card supports.
|
|||||||||
| PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES | ||||||||
Copyright 1999-2011 Research In Motion Limited. 295 Phillip Street, Waterloo, Ontario, Canada, N2L 3W8. All Rights Reserved.
Java is a trademark of Oracle America Inc. in the US and other countries.
Legal