2-16 Developers Guide for Oracle Access Manager and Oracle Security Token Service if authnScheme.isForm { System.out.printlnForm Authentication Scheme.; Hashtable creds = new Hashtable; creds.putuserid, ms_login; creds.putpassword, ms_passwd; UserSession session = new UserSessionrrq, creds; if session.getStatus == UserSession.LOGGEDIN { if session.isAuthorizedrrq { System.out.printlnUser is logged in and authorized for the +request at level + session.getLevel; } else { System.out.printlnUser is logged in but NOT authorized; } user can be loggedout by calling logoff method on the session object } else { System.out.printlnUser is NOT logged in; } } else { System.out.printlnnon-Form Authentication Scheme.; } } else { System.out.printlnResource is NOT protected.; } } catch AccessException ae { System.out.printlnAccess Exception: + ae.getMessage; } ac.shutdown; } }

2.6.2.2.1 Annotated Code: JAccess Client.java Import standard Java library class

Hashtable to hold credentials. import java.io.Hashtable; Import the library containing the Java implementation of the Access SDK API classes.: import oracle.security.am.asdk.; This application is named JAccessClient. public class JAccessClient { Since this is the simplest of example applications, we are declaring global constants to represent the parameters associated with a user request for access to a resource. Typically, a real-world application receives this set of parameters as an array of strings passed from a requesting application, HTTP FORM-based input, or command-line input. For example: public static final String ms_resource = Example.com:80secretsindex.html; public static final String ms_protocol = http; public static final String ms_method = GET; public static final String ms_login = jsmith; public static final String ms_passwd = j5m1th; Launch the main method on the Java interpreter. An array of strings named argv is passed to the main method. In this particular case, the user jsmith, whose password is j5m1th, has requested the HTTP resource