Friday, June 09, 2006

olite.key in Oracle Lite (10.2.0.2)

In one of my current projects, we are using the external authenticator mechanism that comes with Oracle Lite to authenticate against an existing authentication web service. During our tests, we ran into an interesting finding about the Oracle Lite authenticator mechanism: the olite client downloaded from a mobile server contains a key file, olite.key, which holds a public key specific to THE mobile server from which you downloaded the olite client. When you synchronize with that specific mobile server and the corresponding olite.key exists on the client, the external authenticator is triggered. Otherwise, the external authenticator is not triggered and the sync ends in failure.
With that observation, we were concerned that some changes on the mobile server would force all existing mobile clients to re-download and re-install the olite client. To address this concern, we went through all the Oracle Lite documentation and searched MetaLink; neither mentioned this olite.key file. We also opened a TAR in MetaLink, but it was of little help either.
Fortunately, we did our own work and made some findings (the following summary is based on my tests; there is no guarantee):
When you plug an external authenticator into the Oracle Lite Mobile Server, the mobile server generates a key pair (public and private keys) and encrypts them into a file, olite.key, which is saved in the mobile server application devmgr directory. When a client downloads from the mobile server, the public key part is pulled down to the client and saved in an olite.key file on the client side. This key pair controls whether the external authenticator is triggered or not.
You may ask what factors contribute to this key pair. We found that ORACLE_HOME and HOST_NAME are used to generate the key pair.
