One time password example

 

This topic includes a simple perl example for simulating external authentication with one time password.


Important: This is meant as a dummy example to illustrate a point, it is not to be used in production!

It generates a file called test_changing_password.txt which includes the current password (think of it as a current state of the RSA SecurID token) that increases with every successful login, for simplicity purposes it does not change through time, but it should be enough to illustrate the point.

Save the code below as test_changing_password.pl, create a scripts subdirectory within your ISL Conference Proxy directory and place the file there. Pick the appropriate external authenticator string for your platform and follow the steps mentioned in the parent topic to set it for a certain domain and test it.


Note: You can always check the test_changing_password.txt file to see the current password.

test_changing_password.pl file:

use strict;

use IO::File;



# windows external authenticator setting:

# perl;scripts\test_changing_password.pl;

#

# unix external authenticator setting:

# /usr/bin/perl;scripts/test_changing_password.pl;



my %params = ();

for(my $i = 1; $i < scalar(@ARGV); $i += 2) {

       $params{$ARGV[$i-1]} = $ARGV[$i];

}



if($params{'DOMAIN'} eq 'authentication') {

       if($params{'USERNAME'} eq 'testx') {

               my $pwd = $params{'PASSWORD'};

               my $last_pwd = -e 'test_changing_password.txt' ? join('', IO::File->new('test_changing_password.txt')->getlines()) : '1';

               if($last_pwd eq $pwd) {

                       IO::File->new('test_changing_password.txt', 'w')->write('' . ($pwd + 1));

                       print "OK";

               } else {

                       print "FAILED - password should be '$last_pwd'";

               }

       } else {

               print "FAILED - username should be testx";

       }

} else {

               print "FAILED - domain should be authentication";

}
Tags: isl conference proxy, integration, external authentication

Was this article helpful?