Authenticating to external servers

Predefined Java synchronization scripts are included with MobiLink that make it simpler for you to authenticate to external servers using the authenticate_user event. Predefined scripts are available for the following authentication servers:

  • POP3 or IMAP servers using the JavaMail 1.2 API

  • LDAP servers using the Java Naming and Directory Interface (JNDI)

How you use these scripts is determined by whether your MobiLink user names map directly to the user IDs in your external authentication system.

Note

You can also set up authentication to external servers in Sybase Central Model mode, using the Authentication tab. See MobiLink models.

If your MobiLink user names map directly to your user IDs

In the simple case where the MobiLink user name maps directly to a valid user ID in your authentication system, the predefined scripts can be used directly in response to the authenticate_user connection event. The authentication code initializes itself based on properties stored in the ml_property table.

To use predefined scripts directly in authenticate_user
  1. Add the predefined Java synchronization script to the ml_scripts MobiLink system table. You can do this using a stored procedure or in Sybase Central.

    • To use the ml_add_java_connection_script stored procedure, run the following command:

      call ml_add_java_connection_script(
        'MyVersion',
        'authenticate_user',
        'ianywhere.ml.authentication.ServerType.authenticate' )

      where MyVersion is the name of a script version, and ServerType is LDAP, POP3, or IMAP.

    • To use the Add Connection Script Wizard in Sybase Central, choose authenticate_user as the script type, and enter the following in the Code Editor:

      ianywhere.ml.authentication.ServerType.authenticate

      where ServerType is LDAP, POP3, or IMAP.

      See ml_add_java_connection_script system procedure.

  2. Add properties for this authentication server.

    Use the ml_add_property stored procedure for each property you need to set:

    call ml_add_property(
      'ScriptVersion',
      'MyVersion',
      'property_name',
      'property_value' )

    where MyVersion is the name of a script version, property_name is determined by your authentication server, and property_value is a value appropriate to your application. Repeat this call for every property you want to set.

    See External authenticator properties and ml_add_property system procedure.

If your MobiLink user names do not map directly to your user IDs

If your MobiLink user names are not equivalent to your user IDs, the code must be called indirectly and you must extract or map the user ID from the ml_user value. You do this by writing a Java class.

See Writing synchronization scripts in Java.

The following is a simple example. In this example, the code in the extractUserID method has been left out because it depends on how the ml_user value maps to a userid. All the work is done in the "authenticate" method of the authentication class.

package com.mycompany.mycode;

import ianywhere.ml.authentication.*;
import ianywhere.ml.script.*;

public class MLEvents
{
    private DBConnectionContext _context;
    private POP3 _pop3;

    public MLEvents( DBConnectionContext context )
    {
        _context = context;
        _pop3 = new POP3( context );
    }

    public void authenticateUser(
      InOutInteger status,
      String userID,
      String password,
      String newPassword )
    {
        String realUserID = extractUserID( userID );
        _pop3.authenticate( status, realUserID, password, newPassword );
    }

    private String extractUserID( String userID )
    {
        // code here to map ml_user to a "real" POP3 user
    }
}

In this example, The POP3 object needs to be initialized with the DBConnectContext object so that it can find its initialization properties. If you do not initialize it this way, you must set the properties in code. For example,

POP3 pop3 = new POP3();
pop3.setServerName( "smtp.sybase.com" );
pop3.setServerPort( 25 );

This applies to any of the authentication classes, although the properties vary by class.


External authenticator properties