I have an existing Java web application running through IBM WebSphere (I'm unsure of the version, but could find out if it helps) that I am looking to implement two factor authentication with.
The system has a decent user base, and I wanted to distribute hardware tokens to the admin users of the system to ensure strong authentication.
Minimal impact to the end user is desirable, but I'd like to avoid having the admins need to go through a VPN connection.
Does anyone know of any products that provide Java APIs that could be directly integrated into the existing application or other products that will provide a minimal impact? I've already spoken with RSA SecurID, but their system wouldn't integrate directly and would require an infrastructure change. Any other ideas/experience is greatly appreciated.
For posterity, I've just posted my simple Java two factor authentication utility class to Github. With it, you can do something like the following:
TwoFactorAuthUtil twoFactorAuthUtil = new TwoFactorAuthUtil();
// To generate a secret use:
// String base32Secret = generateBase32Secret();
String base32Secret = "NY4A5CPJZ46LXZCP";
// now we can store this in the database associated with the account
// this is the name of the key which can be displayed by the authenticator program
String keyId = "[email protected]";
System.out.println("Image url = " + twoFactorAuthUtil.qrImageUrl(keyId, base32Secret));
// we can display this image to the user to let them load it into their auth program
// we can use the code here and compare it against user input
String code = twoFactorAuthUtil.generateCurrentNumber(base32Secret);
// this little loop is here to show how the number changes over time
while (true) {
long diff = TwoFactorAuthUtil.TIME_STEP_SECONDS
- ((System.currentTimeMillis() / 1000) % TwoFactorAuthUtil.TIME_STEP_SECONDS);
code = twoFactorAuthUtil.generateCurrentNumber(base32Secret);
System.out.println("Secret code = " + code + ", change in " + diff + " seconds");
Thread.sleep(1000);
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With