Recovering roaming credentials

See below for how to create roaming credentials as a new roaming profile.

Requesting an authorization code

Request an authorization code from the PKI Administrator.

AuthorizationCode authCode = new AuthorizationCode(...);

Requesting a reference number

Request a reference number from the PKI Administrator.

SecureStringBuffer refNo = new SecureStringBuffer(...);

Obtaining the user password

Prompt the user for the password.

SecureStringBuffer pwd = new SecureStringBuffer(...);

A user's password must contain the following.

  • at least 8 characters

  • at least one uppercase character

  • at least one lowercase character

  • at least one numeric character

A user's password may contain the following.

  • non-alpha-numeric characters

  • uppercase and lowercase characters

  • spaces

  • repeated characters

By default, a user's password has no expiry date, but if a user changes a password, it cannot be the same as one of the previous eight passwords chosen by that user.

Requesting an entrust.ini file

Request an entrust.ini file from the PKI Administrator.

String iniFile = new String(...);

Requesting a roaming user identifier

Request a roaming user identifier from the PKI Administrator.

String roamingUserId = new String(...);

Instantiating the credential recovered

Instantiate a CredentialRecoverer object, using the authorization code and reference number previously obtained.

CredentialRecoverer credCreator = new CredentialRecoverer(refNo, authCode);

Creating a user

Create a user object.

com.entrust.toolkit.User user = new User();

Connecting to the key management server

Connect to the CA key management server and the Directory, specifying IP addresses and port numbers for both entities.

ManagerTransport mt = new ManagerTransport(<ip>, <port>);
JNDIDirectory jndiDir = new JNDIDirectory(<ip>, <port>);
user.setConnections(jndiDir, mt);

The default timers are set to 0 (no limit). This can cause long wait times if your environment has network-related issues. Use the setters to set reasonable timer values for your network.

Setting the roaming credential writer

Set a credential writer object, in this case, a RoamingCredentialWriter to connect with the roaming server.

RoamingCredentialWriter writer = new RoamingCredentialWriter(user id, "entrust.ini");
user.setCredentialWriter (profileWriter);

Logging the user

Log in the user with the selected credentials.

user.login(credReader, <password>);