Generating token for javacard framework?

Similar Messages

• Steps to generate Token for opendoc url call in XI3.1

  Hi Guys,
  I am quite new to Sdk's and java programming .
  I am trying to get some help in generating token for opendoc url to avoid login while trying to access a report in Infoview.
  From a previous post I got this code:
  <%@ page import="com.crystaldecisions.sdk.framework.*" %>
  <%@ page import="com.crystaldecisions.sdk.exception.SDKException" %>
  <%@ page import="com.crystaldecisions.sdk.occa.security.*" %>
  <%
  boolean loginSuccessful = false;
  IEnterpriseSession boEnterpriseSession = null;
  String username = "Administrator";
  String password = "pwd";
  String cmsname  = "CMS";
  String authenticationType = "secEnterprise";
  try {
     //Log in.
     boEnterpriseSession = CrystalEnterprise.getSessionMgr().logon( username, password, cmsname, authenticationType);
     if (boEnterpriseSession == null) {
        out.print("<FONT COLOR=RED><B>Unable to login.</B></FONT>");
     } else {
        loginSuccessful = true;
  } catch (SDKException sdkEx) {
     out.print("<FONT COLOR=RED><B>ERROR ENCOUNTERED</B><BR>" + sdkEx + "</FONT>");
  if (loginSuccessful) {
     ILogonTokenMgr boLogonTokenMgr = boEnterpriseSession.getLogonTokenMgr();
     String logonToken = boLogonTokenMgr.createLogonToken("", 60, 1);
     String infoViewURL = null;
     String tokenParam = null;
     String redirectURL = null;
     infoViewURL = "http://server:8080/InfoViewApp/logon.jsp";
     tokenParam = "ivsLogonToken=" + logonToken;
     redirectURL = infoViewURL + "&" + tokenParam;
     response.sendRedirect(redirectURL);
  %>
  The problem is I don't know where to put this code in the opendoc.jsp file.
  I tried to create a custom OpenDoc.jsp with a above code, leaving the original opendoc.jsp as it is. And used this custom jsp file in the opendoc url. This is taking me to Infoview login page and I see taht a token is created at the end of the url but it is not passed.
  Can somebody help me to understand where exactly to put this code in the opendoc.jsp and any correction to this code or additional steps to get it working.
  Any help is greatly appreciated!

  The code above is meant to redirect you to InfoView. Change the last bit of code as follows:
  //add any opendocument parameters to the URL here
  openDocURL = "http://server:8080/OpenDocument/opendoc/openDocument.jsp"
  tokenParam = "token=" + logonToken;
  redirectURL = openDocURL + "&" + tokenParam;
  response.sendRedirect(redirectURL);

• Help on generating token for opendoc url in XI3.1

  Hi Guys,
  I am trying to get some help in generating token for opendoc url to avoid login while trying to access a report in Infoview.
  From a previous post I got this code:
  <%@ page import="com.crystaldecisions.sdk.framework.*" %>
  <%@ page import="com.crystaldecisions.sdk.exception.SDKException" %>
  <%@ page import="com.crystaldecisions.sdk.occa.security.*" %>
  <%
  boolean loginSuccessful = false;
  IEnterpriseSession boEnterpriseSession = null;
  String username = "Administrator";
  String password = "pwd";
  String cmsname = "CMS";
  String authenticationType = "secEnterprise";
  try {
  //Log in.
  boEnterpriseSession = CrystalEnterprise.getSessionMgr().logon( username, password, cmsname, authenticationType);
  if (boEnterpriseSession == null) {
  out.print("Unable to login.");
  } else {
  loginSuccessful = true;
  } catch (SDKException sdkEx) {
  out.print("ERROR ENCOUNTERED
  " + sdkEx + "");
  if (loginSuccessful) {
  ILogonTokenMgr boLogonTokenMgr = boEnterpriseSession.getLogonTokenMgr();
  String logonToken = boLogonTokenMgr.createLogonToken("", 60, 1);
  String infoViewURL = null;
  String tokenParam = null;
  String redirectURL = null;
  infoViewURL = "http://server:8080/InfoViewApp/logon.jsp";
  tokenParam = "ivsLogonToken=" + logonToken;
  redirectURL = infoViewURL + "&" + tokenParam;
  response.sendRedirect(redirectURL);
  %>
  The problem is I don't know where to put this code in the opendoc.jsp file.
  I tried to create a custom OpenDoc.jsp with a above code, leaving the original opendoc.jsp as it is. And used this custom jsp file in the opendoc url. This is taking me to Infoview login page and I see taht a token is created at the end of the url but it is not passed.
  Can somebody help me to understand where exactly to put this code in the opendoc.jsp and any correction to this code or additional steps to get it working.
  Any help is greatly appreciated

  Stratos,
    Thanks for your inputs,
    I changed the code as you suggested , now my whole code looks like :
  <%@ page import="com.crystaldecisions.sdk.framework.*" %>
  <%@ page import="com.crystaldecisions.sdk.exception.SDKException" %>
  <%@ page import="com.crystaldecisions.sdk.occa.security.*" %>
  <%
  boolean loginSuccessful = false;
  IEnterpriseSession boEnterpriseSession = null;
  String username = "user";
  String password = "Password";
  String cmsname  = "Server";
  String authenticationType = "secEnterprise";
  try {
     //Log in.
     boEnterpriseSession = CrystalEnterprise.getSessionMgr().logon( username, password, cmsname, authenticationType);
     if (boEnterpriseSession == null) {
        out.print("<FONT COLOR=RED><B>Unable to login.</B></FONT>");
     } else {
        loginSuccessful = true;
  } catch (SDKException sdkEx) {
     out.print("<FONT COLOR=RED><B>ERROR ENCOUNTERED</B><BR>" + sdkEx + "</FONT>");
  if (loginSuccessful) {
     ILogonTokenMgr boLogonTokenMgr = boEnterpriseSession.getLogonTokenMgr();
       String logonToken = boLogonTokenMgr.createLogonToken("", 60, 1);
       //String logonToken = boLogonTokenMgr.getDefaultToken();
     String infoViewURL = null;
     String tokenParam = null;
     String redirectURL = null;
     infoViewURL = "http://Server:8080/InfoViewApp/logon.jsp";
     tokenParam = "ivsLogonToken=" + logonToken;
     redirectURL = infoViewURL + "&" + tokenParam;
     pageContext.forward( "openDocument.jsp?iDocID=" + 4668 + "&token=" + tokenParam);
  %>
  But I am still getting the Infoview Login Page . The url on the login page is
  http://server:8080/OpenDocument/opendoc/logonTrustedAuth.do?appKind=InfoView&iDocID=4668&isApplication=true&token=ivsLogonToken%server%3A6400%4021181JIipxt70VM0kd90v21179JFd4dHn7kW2FKSBi
  We can see that a token is being generated and appended to this url but it is not passing the user name and password.
  Please let me know what you think about this.

• Structure Or Record In JavaCard Framework

  Can anybody please tell me if there is a way to define or implement records or structures in Javacard Framework??
  My IDE is eclipse and I have so many master_detail data to store in Javacard, because my card does not support DB storage(SCQL) I'm searching a way better than storring data just in arrays...
  any idea about better kind of storring data on card would be so much appreciated --<--@
  my data are some thing like this:
  Name,Family,Age,Sex,CreditNo,....
  and also:
  Master : DateOfVisit, TimeOfVisit, CodeOfVisit
  Detail: IndexCode, DrugName, DrugInstruction
  an Example is ::
  Name:Hana
  Family:Bijani
  Age:25
  Sex:Femail
  CreditNo:176.3434
  Data1
  DateOfVisit:2009-08-08
  TimeOfVisit:14:23
  CodeOfVisit:123
  IndexCode:1 DrugName:Drug A DrugInstruction: someinstructA
  IndexCode:2 DrugName:Drug B DrugInstruction: someinstructB
  Data2
  DateOfVisit:2009-08-06
  TimeOfVisit:14:23
  CodeOfVisit:12345
  IndexCode:1 DrugName:Drug A DrugInstruction: someinstructA
  IndexCode:2 DrugName:Drug B DrugInstruction: someinstructB
  IndexCode:3 DrugName:Drug C DrugInstruction: someinstructC
  IndexCode:4 DrugName:Drug D DrugInstruction: someinstructD
  Kind Regards
  Hana

  what you want is really simple: it's a class:
  public class record {
  public byte[] name;
  public short credit;
  //no constructor means default void constructor
  //use
  class main {
  private record[] records;
  private short record_count;
  //in a method, create a record
  short rec_num = record_count++;
  records[rec_num]=new record();
  records[rec_num].credit = .....
  records[rec_num].name=new byte[16];
  JCSystem.arrayCopyNonAtomic( data..... , offset..... records[rec_num].name,16);
  //Etc
  cheat sheet:
  - no string in javacards, use byte[] arrays, and encode strings to ASCII UTF8 or whatever
  - no int except in rare cards, use shorts for 16 bits values, arrays of bytes to simulate ints
  - no pointers in java
  - struct are classes
  - byte[] arrays created with new are non volatile
  in general, cards are dumb. they only store raw byte arrays and the actual structure management is left to the host. This is a very robust and ubiquitous design, allowing reuse and simpification of on card code.
  So in a perfect world you should'nt need a class to store records. A byte array is sufficient.
  Imagine one day you want to add a new field in your record. argh!! you have to recompile/redeploy a new applet. If some millions clients already have it... fail!
  However if you only store a raw record, it's just a matter or recompiling a basic java/whatever application, not a highly embedded code :)

• [svn:osmf:] 15867: asdocs: Update to accomodate generating OSMF for Flex 4. 0 asdocs from OSMF 1.0 source with as few changes as possible.

  Revision: 15867
  Revision: 15867
  Author:   [email protected]
  Date:     2010-05-02 19:36:51 -0700 (Sun, 02 May 2010)
  Log Message:
  asdocs: Update to accomodate generating OSMF for Flex 4.0 asdocs from OSMF 1.0 source with as few changes as possible.
  Modified Paths:
      osmf/trunk/framework/OSMF/org/osmf/display/ScaleMode.as

  bringrags wrote:
  We do indeed recommend replacing the osmf.swc from a Flex 4 project if you're going to use OSMF in Flex 4, but you may (will?) run into issues if you attempt to use Flex's VideoPlayer within that project.  Note also that you'll need to replace osmf.swc for each individual project (or edit your flex-config.xml file to point to the updated SWC).
  In terms of future plans, we are working closely with the Flex team to ensure that their next release ships with the latest OSMF version.  No ETA on that though.
  I have followed the recommendations and removed the old version of swc and replaced it with the release version. And so far the video and audio players work fine without errors.
  But looking at the flex-config.xml I see that it still points to the old version.
  <!-- OSMF SWC -->
      <runtime-shared-library-path>
  <path-element>libs/osmf.swc</path-element>
  <rsl-url>http://fpdownload.adobe.com/pub/swz/flex/4.0.0.14159/osmf_flex.4.0.0.13495.swz</rsl-url>
  <policy-file-url>http://fpdownload.adobe.com/pub/swz/crossdomain.xml</policy-file-url>
  <rsl-url>osmf_flex.4.0.0.13495.swz</rsl-url>
  <policy-file-url></policy-file-url>
  </runtime-shared-library-path>
  Could you elaborate a little bit more on editing this part of flex-config.xml?
  Thanks,
  FTQuest

• OCF or Javacard.Framework

  OCF or Javacard.Framework? which one is better? I'm alittle confused with these concepts..
  as I told in my last post my pc application is written in Delphi language and I installed my applet into card which delphi app send data to this applet via APDU..
  now the question is Which one could be better to use in my applet? OCF or Javacard.Framework??
  regards

  From my understanding OCF is an off-card API for communicating with cards and readers with Java. The card you have should have the org.globalplatform package and won't have OCF. If you want your applet to be portable across different cards, you should probably stick with javacard.framework.
  JCOP Tools should also help with this. It will only allow you to build against standard libraries. If you have vendor specific libraries for the target card you are using, you will need to get the Jar files to build against from them.
  Cheers,
  Shane

• Javacard.framework.APDU sendBytes method

  In the class javacard.framework.APDU, I found that in several methods such as sendBytes(short bOff, short leng) or public void sendBytesLong(byte[] outData, short bOff, short len), they say:
  "Requiring that the buffer not be altered allows the implementation to reduce protocol overhead by transmitting the last part of the response along with the status bytes."
  I can not understand it so well. Why is it related to protocol overhead reduction? And what is "status bytes"?
  Your reply, whether helpful or not, is highly appreciated
  Jason

  So you mean when it transmits the last packet including status bytes ~~> there would be one transmission only ~~> instead of two transmissions that last data is sent first and status bytes are sent then.
  ~~> thus, one (instead of two) can reduce the slight protocol overhead
  When this process is repeated for each APDU response, it can lead to a multiple of slight overheads ~~> reduce the protocol overhead significantly
  Is that right?
  Jason

• Wscompile only generates classes for the first wsdl:portType encountered

  Greetings.
  When
  compiling a WSDL with port types as follows below;
  classes are generated for port type: AccountsManagement only.
    <portType name="AccountsManagement">
        <operation name="CreateAccount" parameterOrder="Account">
            <input message="tns:CreateAccountReq"/> <!-- name defaults to CreateAccountReqRequest -->
            <output message="tns:CreateAccountReqResponse"/>
        </operation>
        <operation name="CreateAccountForPerson" parameterOrder="Account UniqueId">
            <input message="tns:CreateAccountForPersonReq"/>
            <output message="tns:CreateAccountForPersonReqResponse"/>
        </operation>
    </portType>
    <portType name="PersonsManagement">
        <operation name="AddPerson" parameterOrder="Person">
            <input message="tns:AddPersonReq" name="AddPersonReq"/>
            <output message="tns:AddPersonReqResponse" name="AddPersonReqResponse"/>
        </operation>
        <operation name="AddPersonWithAccount" parameterOrder="Person Account">
            <input message="tns:AddPersonWithAccountReq" name="AddPersonWithAccountReq"/>
            <output message="tns:AddPersonWithAccountReqResponse" name="AddPersonWithAccountReqResponse"/>
        </operation>
    </portType>
    <portType name="TellersOperations">
        <operation name="ListAccountsForPerson" parameterOrder="UniqueId">
            <input message="tns:ListAccountsForPersonReq"/>
            <output message="tns:ListAccountsForPersonReqResponse"/>
        </operation>
    </portType>Netbeans output:
  init:
  wscompile-init:
  Created dir: C:\PROJECTS\WSTest\build\generated\wsclient
  Created dir: C:\PROJECTS\WSTest\build\generated\wsservice
  Created dir: C:\PROJECTS\WSTest\build\generated\wsbinary
  TestBankingService_wscompile:
  command line: wscompile "C:\Program Files\Java\jdk1.5.0_03\jre\bin\java.exe" -classpath "C:\Program Files\Java\jdk1.5.0_03\lib\tools.jar;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib\j2ee.jar;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib\saaj-api.jar;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib\saaj-impl.jar;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib\jaxrpc-api.jar;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib\jaxrpc-impl.jar" com.sun.xml.rpc.tools.wscompile.Main -d "C:\PROJECTS\WSTest\build\generated\wsbinary" -features:wsi,strict -import -keep -mapping "C:\PROJECTS\WSTest\web\WEB-INF\TestBankingService-mapping.xml" -nd "C:\PROJECTS\WSTest\build\web\WEB-INF\wsdl" -s "C:\PROJECTS\WSTest\src\java" -verbose -Xprintstacktrace "C:\PROJECTS\WSTest\src\java\bankers\server\TestBankingService-config.xml"
  [ServiceInterfaceGenerator: creating service interface: bankers.server.TestBankingService]
  [CustomClassGenerator: generating JavaClass for: Account]
  BUILD SUCCESSFUL (total time: 2 seconds)There should be a class for Person as well. If I move port type:
  PersonsManagement to the top no Account class will be generated, but
  instead the Person class will be generated.
  Loading up the WSDL in Netbeans (client) works and shows
  all three Ports with their respective operations.
  Is there a reason for only allowing more than one port type per WSDL?
  Checked the man page for switches to "loop" though all portTypes but noluck.
  A bug?
  Thanks,
  WSDL for reference
  <?xml version="1.0" encoding="UTF-8"?>
  <definitions name="BankingService" targetNamespace="http://www.mycomp.org/schemas/MyWebService"
      xmlns:tns="http://www.mycomp.org/schemas/MyWebService"
      xmlns:ns1="urn:WS/types"
      xmlns="http://schemas.xmlsoap.org/wsdl/"
      xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
      xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
      xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <!-- Type definitions -->
    <types>
      <xsd:schema targetNamespace="urn:WS/types">
          <xsd:element name="Person" type="ns1:Person"/>
          <xsd:element name="Account" type="ns1:Account"/>
          <xsd:element name="ListOfAccounts" type="ns1:ListOfAccounts"/>
          <xsd:element name="ResultCode" type="xsd:unsignedInt"/>
          <xsd:element name="AccountNumber" type="xsd:string"/>
          <xsd:element name="UniqueId" type="xsd:string"/>
          <xsd:complexType name="Person">
              <xsd:sequence>
                  <xsd:element name="DisplayName" type="xsd:string"/>
                  <xsd:element name="UniqueId" type="xsd:string"/>
              </xsd:sequence>
          </xsd:complexType>
          <xsd:complexType name="Account">
              <xsd:sequence>
                  <xsd:element name="Number" type="xsd:string"/>
                  <xsd:element name="Type" type="xsd:token"/>
                  <xsd:element name="Amount" type="xsd:integer"/>
              </xsd:sequence>
          </xsd:complexType> 
        <xsd:complexType name="ListOfAccounts">
            <xsd:sequence>
                <xsd:element name="Account" type="ns1:Account" minOccurs="0" maxOccurs="unbounded"/>
            </xsd:sequence>
        </xsd:complexType>
      </xsd:schema>
    </types>
    <message name="AddPersonReq">
        <part name="Person" element="ns1:Person"/>
    </message>
    <message name="AddPersonReqResponse">
        <part name="ResultCode" element="ns1:ResultCode"/>
    </message>
    <message name="AddPersonWithAccountReq">
        <part name="Person" element="ns1:Person"/>
        <part name="Account" element="ns1:Account"/>
    </message>
    <message name="AddPersonWithAccountReqResponse">
        <part name="AccountNumber" element="ns1:AccountNumber"/>
    </message>
    <message name="CreateAccountReq">
        <part name="Account" element="ns1:Account"/>
    </message>
    <message name="CreateAccountReqResponse">
        <part name="AccountNumber" element="ns1:AccountNumber"/>
    </message>
    <message name="CreateAccountForPersonReq">
        <part name="Account" element="ns1:Account"/>
        <part name="UniqueId" element="ns1:UniqueId"/>
    </message>
    <message name="CreateAccountForPersonReqResponse">
        <part name="AccountNumber" element="ns1:AccountNumber"/>
    </message>
    <message name="ListAccountsForPersonReq">
        <part name="UniqueId" element="ns1:UniqueId"/>
    </message>
    <message name="ListAccountsForPersonReqResponse">
        <part name="Accounts" element="ns1:ListOfAccounts"/>
    </message>
    <!--
          NOTE THAT wscompile WILL PICK THE FIRST AND ONLY FIRST portType
          IS THIS A BUG OR A FEATURE?
    -->
    <portType name="AccountsManagement">
        <operation name="CreateAccount" parameterOrder="Account">
            <input message="tns:CreateAccountReq"/> <!-- name defaults to CreateAccountReqRequest -->
            <output message="tns:CreateAccountReqResponse"/>
        </operation>
        <operation name="CreateAccountForPerson" parameterOrder="Account UniqueId">
            <input message="tns:CreateAccountForPersonReq"/>
            <output message="tns:CreateAccountForPersonReqResponse"/>
        </operation>
    </portType>
    <portType name="PersonsManagement">
        <operation name="AddPerson" parameterOrder="Person">
            <input message="tns:AddPersonReq" name="AddPersonReq"/>
            <output message="tns:AddPersonReqResponse" name="AddPersonReqResponse"/>
        </operation>
        <operation name="AddPersonWithAccount" parameterOrder="Person Account">
            <input message="tns:AddPersonWithAccountReq" name="AddPersonWithAccountReq"/>
            <output message="tns:AddPersonWithAccountReqResponse" name="AddPersonWithAccountReqResponse"/>
        </operation>
    </portType>
    <portType name="TellersOperations">
        <operation name="ListAccountsForPerson" parameterOrder="UniqueId">
            <input message="tns:ListAccountsForPersonReq"/>
            <output message="tns:ListAccountsForPersonReqResponse"/>
        </operation>
    </portType>
    <binding name="AccountsManagementBinding" type="tns:AccountsManagement">
        <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
        <operation name="CreateAccount">
            <soap:operation soapAction=""/>
            <input name="CreateAccountReq">
                <soap:body use="literal"/>
            </input>
            <output name="CreateAccountReqResponse">
                <soap:body use="literal"/>
            </output>
        </operation>
        <operation name="CreateAccountForPerson">
            <soap:operation soapAction=""/>
            <input name="CreateAccountForPersonReq">
                <soap:body use="literal"/>
            </input>
            <output name="CreateAccountForPersonReqResponse">
                <soap:body use="literal"/>
            </output>
        </operation>
    </binding>
    <binding name="PersonsManagementBinding" type="tns:PersonsManagement">
        <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
        <operation name="AddPerson">
            <soap:operation soapAction=""/>
            <input name="AddPersonReq">
                <soap:body use="literal"/>
            </input>
            <output name="AddPersonReqResponse">
                <soap:body use="literal"/>
            </output>
        </operation>
        <operation name="AddPersonWithAccount">
            <soap:operation soapAction=""/>
            <input name="AddPersonWithAccountReq">
                <soap:body use="literal"/>
            </input>
            <output name="AddPersonWithAccountReqResponse">
                <soap:body use="literal"/>
            </output>
        </operation>
    </binding>
    <binding name="TellersOperationsBinding" type="tns:TellersOperations">
        <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
        <operation name="ListAccountsForPerson">
            <soap:operation soapAction=""/>
            <input name="ListAccountsForPersonReq">
                <soap:body use="literal"/>
            </input>
            <output name="ListAccountsForPersonReqResponse">
                <soap:body use="literal"/>
            </output>
        </operation>
    </binding>
    <service name="BankingService">
        <port name="AccountsManagementService" binding="tns:AccountsManagementBinding">
            <soap:address location="__URL__"/>
        </port>
        <port name="PersonsManagementService" binding="tns:PersonsManagementBinding">
            <soap:address location="__URL__"/>
        </port>
        <port name="TellersOperationsService" binding="tns:TellersOperationsBinding">
            <soap:address location="__URL__"/>
        </port>
    </service>
  </definitions>

  I saw this post elsewhere:
  JAXRPC specification required support for only subset of schema types. Abstract schema type support was not required. For the schema types that are not supported, the spcification requires that they should be mapped to javax.xml.soap.SOAPElement.
  This is what jaxrpc wscompile tool does. At tool time, the type in the sample code posted is extended frm an abstract type so it should be getting mapped to SOAPElement. SOAPElement extends Node and Element. You may like to see its javadoc.
  -vivek.
  This is basically the behavior I am seeing, but I don't see this as being extended from an abstract type. if someone can see that and explain that to me I would appreciate it....if this is even the right path to the answer to my problem.

• Creating Token for Login Method

  I am writing a login method that will authencticate user and return token for web services. Next time user will send is token and we will validate the token but requirement is that we donot wnat to keep any state of token at server.What does it mean that when we receive token, we should be able to detremine is it a valid token or not.(This implied token can't be forged by any user).
  I have written a function using KeyPairGenerator, please have a look and let me know if you see any security issue.
  Design is
  token generateToken(userid) {
  hash = hash(userid) ------------------- ONE
  Signature = Encrypt (Private key , hash) --------------- TWO
  return hash + " " + Signature
  bool isValid(token) {
  separate part 1 and part 2 of toekn (delimeter is space)
  Signature = Encrypt (Public key , part1)
  if signature == part2
  token is valid
  else token is invalid
  Code is
  PublicKey privateKey ;
  PrivateKey publicKey ;
  KeyPairGenerator keyGen;
  SecureRandom random ;
  KeyPair keypair;
  public String generateToken() throws Exception{
  keyGen = KeyPairGenerator.getInstance("DSA");
  random = SecureRandom.getInstance("SHA1PRNG", "SUN");
  keyGen.initialize(512 , random);
  keypair = keyGen.genKeyPair();
  privateKey = keypair.getPrivate();
  publicKey = keypair.getPublic();
  String token = userName;
  byte[] part1 = getHash(1000, token , generateSalt());
  /* Create a Signature object and initialize it with the private key */
  Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
  dsa.initSign(privateKey);
  /* Update and sign the data */
  dsa.update(part1, 0 , part1.length) ;
  /* Generate a signature for it */
  byte[] realSig = dsa.sign();
  String tokenToReturn = byteToBase64(part1) + " " + byteToBase64(realSig) ;
  return tokenToReturn;
  public void verifyToken(String token) throws Exception{
  int space = token.indexOf(" ");
  String part1 = token.substring(0 , space);
  String part2 = token.substring(space+1);
  /* create a Signature object and initialize it with the public key */
  Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
  sig.initVerify(publicKey);
  byte[] bPart1 = base64ToByte(part1);
  byte[] bPart2 = base64ToByte(part2);
  /* Update and sign the data */
  sig.update(bPart1, 0 , bPart1.length) ;
  if ( sig.verify(bPart2) )
       System.out.println("signature verifies: " );
  else
  System.out.println("signature does not verifies: " );
  Does this code look right ??? Please let me know if you see any pitfalls or know better way to create token

  Hello,
  one conceptual problem is the fact that once you generate such a token it is valid forever. One idea would be to incorporate the date/time of generation, so that you have some kind of timeout mechanism if the token is too old. Again, the token mechanism will be susceptible to replay attacks for the token's validity period.
  For my part, I would tend to go with some kind of one-time token design. Even if you are constrained not to use a database, you could use an in-memory structure to keep track of the generated tokens, mapping them to the users requested them and removing them on an explicit logout or after an expiration time period. This way you don't depend on a timestamp, which implies that you keep a clock well-synchronized. Just my $.02.
  Kind regards,
  Anestis

• How to generate Barcode for Storage Bins

  Hi,
  How to generate Barcode for the all the newly created storage bins in order to get scanned with the RF devices.
  Thanks and regards,
  I.Jacob Milton

  Hello Jacob,
  We generate our barcodes with the help of the PPF action. For example, our labels have the barcodes onto them and when we finish a task that requires packing/unpacking/deconsolidation we have the PPF trigger the printing of the neccesary labels.
  I direct you to the path SCM SPRO - Supply Network Collaboration - Tools - Actions (Post Processing Framework). Here you need to set the action and namely the trigger.
  All the best,
  Claudiu Maxim

• Export file framework.exp of package javacard.framework not found

  Hi,
  trying to convert the HelloWord example of the Sun Javacard Kit (2.2.2), i get the "error: export file framework.exp of package javacard.framework not found". I have compiled the file according to the documentation and i am still following the documentation for converting it.
  this is the command i use:
  %JC_HOME%/bin/converter.bat -config C:\java_card_kit-2_2_2\samples\src\com\sun\javacard\samples\HelloWorld\HelloWorld.opt
  Ideas?
  Thanks
  Edited by: uig on Oct 23, 2007 7:54 AM

  how did you compile ur helloworld.opt file coz when i tried it i got this err msg
  call %JC_HOME%\bin\converter -config ..\src\com\sun\javacard\samples\HelloWorld\HelloWorld.opt
  and got this err
  Exception in thread "main" java.lang.NoClassDefFoundError: Files\Java\jre1/6/0_03\lib\ext\QTJava/zip;

• How to generate Token

  Hi,
  I'm using Agile PLM for Process 6.1.0.1.
  in Agile Product Lifecycle Management for Process Documentation Library v6.1 >> Administrator User Guide is explained how to generate a Token from ADMIN Module.
  The guide says to click on ADMIN > Activities > Generate Token on the left navigation panel. Our issue is that the "generate Token" row exit doesn't appear.
  We have the same issue with the "import".
  The only row exit that appear is "Export"
  Do you know which could be the cause of this issue?
  If you need a better explanation let me know.
  Thanks and regards.
  Stefano
  Edited by: StefanoMeleSinfo on 16-gen-2013 2.22

  Hi, in the EnvironmentSettings.config file there are several sections that control this.
  First is the DataExchangeService node, which need to be different for the Source system versus the Target System. This controls which system can generate tokens.
  SOURCE SYSTEM
  <!-- Change the System Attribute of dataexchange to Production to make this environment import only environment -->                    
                      <!-- DataExchangeService follows a new and simpler config scheme now -->
                      <DataExchangeService configChildKey="name" refscope="Application" factory="Class:Xeno.Prodika.Services.DataExchange.DataExchangeServiceFactory,PlatformExtensions" >
                           <envvar name='DexConfiguration' handler='Class:Xeno.Prodika.Services.DataExchange.Configuration.DexConfigSectionHandlerFactory,PlatformExtensions'>
                                <DataExchangeConfig System="PSTAGE" NotifierEmail="@@VAR:Prodika.DataExchangeService.Notifier.EmailAddress@@"
                                     EncryptionFilter="Class:Xeno.Prodika.Services.DataExchange.Serialization.RijndaelEncryptionStreamFilterFactory,PlatformExtensions">
                                     <TargetSystems>
  PDEV
                                     </TargetSystems>
                                     <SourceSystems>
                                     </SourceSystems>
                                </DataExchangeConfig>
                           </envvar>
                      </DataExchangeService>
  TARGET SYSTEM - The Target will allow Tokens to be generated for the Source.
  <!-- Change the System Attribute of dataexchange to Production to make this environment import only environment -->                    
                      <!-- DataExchangeService follows a new and simpler config scheme now -->
                      <DataExchangeService configChildKey="name" refscope="Application" factory="Class:Xeno.Prodika.Services.DataExchange.DataExchangeServiceFactory,PlatformExtensions" >
                           <envvar name='DexConfiguration' handler='Class:Xeno.Prodika.Services.DataExchange.Configuration.DexConfigSectionHandlerFactory,PlatformExtensions'>
                                <DataExchangeConfig System="PDEV" NotifierEmail="@@VAR:Prodika.DataExchangeService.Notifier.EmailAddress@@"
                                     EncryptionFilter="Class:Xeno.Prodika.Services.DataExchange.Serialization.RijndaelEncryptionStreamFilterFactory,PlatformExtensions">
                                     <TargetSystems>
                                     </TargetSystems>
                                     <SourceSystems>
  PSTAGE
                                     </SourceSystems>
                                </DataExchangeConfig>
                           </envvar>
                      </DataExchangeService>
  Then there are several sections you set the which allows create, edit, and export from the Source system, and then you dis-allow on the Target system.
  SOURCE System: We set WFA and UGM (i.e PMA) to allow everything but Import.
       <WFA>
            <AppSettings configChildKey="key" >
                 <add key="AllowCreate" value="true" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowEdit" value="true" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowCopy" value="true" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowImport" value="false" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowExport" value="true" configAttributeOverrideModifier="IsLocked" />
            </AppSettings>
       </WFA>
       <PMA>
            <AppSettings configChildKey="key" >
                 <add key="AllowUserCreate" value="true" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowUserEdit" value="true" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowUserImport" value="false" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowUserExport" value="true" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowGroupCreate" value="true" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowGroupEdit" value="true" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowGroupImport" value="false" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowGroupExport" value="true" configAttributeOverrideModifier="IsLocked" />
            </AppSettings>
       </PMA>
  TARGET System: We set WFA and UGM (i.e PMA) to not allow everything but Import.
       <WFA>
            <AppSettings configChildKey="key" >
                 <add key="AllowCreate" value="false" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowEdit" value="false" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowCopy" value="false" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowImport" value="true" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowExport" value="false" configAttributeOverrideModifier="IsLocked" />
            </AppSettings>
       </WFA>
       <PMA>
            <AppSettings configChildKey="key" >
                 <add key="AllowUserCreate" value="false" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowUserEdit" value="false" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowUserImport" value="true" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowUserExport" value="false" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowGroupCreate" value="false" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowGroupEdit" value="false" configAttributeOverrideModifier="IsLocked"/>
                 <add key="AllowGroupImport" value="true" configAttributeOverrideModifier="IsLocked" />
                 <add key="AllowGroupExport" value="false" configAttributeOverrideModifier="IsLocked" />
            </AppSettings>
       </PMA>
  Hope that helps!

• Obtain a primary token for a user who does not have permission to logon locally

  I would like to know whether it's possible to obtain a primary token for a user who doesn't have permission to log on locally. If yes, what the recommended way is for doing that.
  I called LogonUserW with logon32_logon_network logontype for user which is not allowed to logon locally. It returned impersonation token. I called DuplicateTokenEx to create primary token but it still returned impersonation token.

  A Network Logon is always going to return an impersonation token.  This is by design. 
  A Batch or Service logon would return a Primary Token.  The user would need the corresponding right to return these 2 types of token.  Typically, all users are allowed to generate a Network Token (Impersonation Token) but as you have discovered
  it has limited usage which is by design.
  thanks
  Frank K [MSFT]
  Follow us on Twitter, www.twitter.com/WindowsSDK

• SimAlliance Loader for JavaCards - Question

  Hello everybody
  I have a question about the SimAlliance Loader for Javacards. I found this tool at www.simalliance.org.
  My question is about the "Memory Configuration", there are three fields to fill out.
  1. Package Non Volatile Memory Size (in bytes)
  2. Installation Non Volatile Memory Size (in bytes)
  3. Installation Volatile Memory Size (in bytes)
  as default is the value 00 00 what I have to put in there?
  In the Help File I could find following description:
  Memory configuration
  Enter the memory space required by the applet to be loaded and installed.
  Note:The default values proposed in the project settings are appropriate for most applets. It is therefore strongly recommended to leave these parameters unchanged.
  Package Non Volatile Memory Size
  If necessary, specify the size of the executable load file (package) generated by the selected Converter tool.
  Installation Non Volatile Memory Size
  If necessary, specify the number of bytes of EEPROM memory required to store the applet�s objects and data arrays.
  Installation Volatile Memory Size
  If necessary, specify the number of bytes of RAM memory required for the applet�s transient data.
  Thanks in advance. Please post me a sample description.
  Regards
  Linga

  Hello everybody
  I have a question about the SimAlliance Loader for Javacards. I found this tool at www.simalliance.org.
  My question is about the "Memory Configuration", there are three fields to fill out.
  1. Package Non Volatile Memory Size (in bytes)
  2. Installation Non Volatile Memory Size (in bytes)
  3. Installation Volatile Memory Size (in bytes)
  as default is the value 00 00 what I have to put in there?
  In the Help File I could find following description:
  Memory configuration
  Enter the memory space required by the applet to be loaded and installed.
  Note:The default values proposed in the project settings are appropriate for most applets. It is therefore strongly recommended to leave these parameters unchanged.
  Package Non Volatile Memory Size
  If necessary, specify the size of the executable load file (package) generated by the selected Converter tool.
  Installation Non Volatile Memory Size
  If necessary, specify the number of bytes of EEPROM memory required to store the applet�s objects and data arrays.
  Installation Volatile Memory Size
  If necessary, specify the number of bytes of RAM memory required for the applet�s transient data.
  Thanks in advance. Please post me a sample description.
  Regards
  Linga

• [svn:fx-trunk] 8251: use 4.0.0.${build. number} as the token for the config files.

  Revision: 8251
  Author:   [email protected]
  Date:     2009-06-25 12:34:32 -0700 (Thu, 25 Jun 2009)
  Log Message:
  use 4.0.0.${build.number} as the token for the config files.
  bugs: no
  qa: yes
  checkintests: pass
  Modified Paths:
      flex/sdk/trunk/frameworks/air-config.xml
      flex/sdk/trunk/frameworks/flex-config.xml

  I had downloaded it for test, and requested for evaluation license...
  But I haven't got license, and also I am not able to find Flash Builder Plugins from HFCD site....
  I think those plugins are removed from site....
  Please help me, if anyone have those plugins...