Unwired Accelerator uses the Java Authentication and Authorization Service (JAAS) API to secure client- and server-side Java applications. JAAS protects the system from users based on who runs the code and their permissions, and is compatible with various standard security mechanisms such as LDAP.
Unwired Accelerator accesses CSI interfaces indirectly through these standard J2EE security mechanisms:
HttpServletRequest.getUserPrincipal() – returns the name of the current authenticated user. If the user has not been authenticated, the method returns null.
HttpServletRequest.isUserInRole(j2ee_Role) – returns a Boolean value indicating whether the authenticated user is included in the specified logical “role.” If the user has not been authenticated, the method returns false.
Whether using CSI with the PortalDB or an LDAP security provider, Unwired Accelerator uses the following security management functions:
Portal Interface:
Users establish a password when they click Join Now and set up a user profile.
Users can change their passwords from the MyInfo link.
Users can select Reset Password from the login screen to request a new password if they forget theirs. If a valid e-mail address is specified for the resetPasswordEmail property in global.properties.xml file, Unwired Accelerator notifies the PortalAdmin user. (If an e-mail address is not specified, an alternate procedure for notifying the PortalAdmin user must be in place).
The PortalAdmin user requests a new password in the User Editor screen (from Manage | Users/Roles | Users). Unwired Accelerator generates a new password and sends it to the user’s e-mail address.
Mobile Web Studio:
The StudioAdmin user creates a user profile (from Manage | Users/Roles | Users). Unwired Accelerator generates a new password and sends it to the user’s e-mail address.
The StudioAdmin user changes a user’s password by selecting Password in the User Editor screen (from Manage | Users/Roles | Users). Unwired Accelerator generates a new password and notifies the users via an e-mail message.
Studio users can change their passwords from the Account Info link. Unwired Accelerator sends e-mail notification of the password change to the user’s e-mail address.
If csi.xml has been configured properly, users can change their LDAP passwords using Portal Interface and Mobile Web Studio.
If you are using Enterprise Security with Unwired Accelerator,
see the Enterprise Security Administration Guide for
information.
