For security-minded professionals, it is important that only the appropriate people gain access to data in a computer system. This is called authentication. Once users gain entry, it is also important that they only see data related to their role in a computer system. This is called authorization. For the zoo, you will develop an authentication system that manages both authentication and authorization. You have been given acredentials file that contains credential information for authorized users. You have also been given three files, one for each role: zookeeper, veterinarian, and admin. Each role file describes the data the particular role should be authorized to access. Create an authentication system that does all of the following:
* Asks the user for a username
* Asks the user for a password
* Converts the password using a message digest five (MD5) hash
* It is not required that you write the MD5 from scratch. Use the code located in this document and follow the comments in it to perform this operation.
* Checks the credentials against the valid credentials provided in the credentials file.
* Use the hashed passwords in the second column; the third column contains the actual passwords for testing and the fourth row contains the role of each user.
* Limits failed attempts to three before notifying the user and exiting the program.
* Gives authenticated users access to the correct role file after successful authentication.
* The system information stored in the role file should be displayed. For example, if a zookeeper’s credentials is successfully authenticated, then the contents from the zookeeper file will be displayed. If an admin’s credentials is successfully authenticated, then the contents from the admin file will be displayed.
* Allows a user to log out.
* Stays on the credential screen until either a successful attempt has been made, three unsuccessful attempts have been made, or a user chooses to exit.
* You are allowed to add extra roles if you would like to see another type of user added to the system, but you may not remove any of the existing roles.
* Below is the Credentials file to be used.
* credentials file: This file must be used to validate user logins. This is the passwords and logins and who they belong too, they are seperated by one tab length in each column, from what I`m told
griffin.keyes 108de81c31bf9c622f76876b74e9285f "alphabet soup" zookeeperrosario.dawson 3e34baa4ee2ff767af8c120a496742b5 "animal doctor" adminbernie.gorilla a584efafa8f9ea7fe5cf18442f32b07b "secret password" veterinariandonald.monkey 17b1b7d8a706696ed220bc414f729ad3 "M0nk3y business" zookeeperjerome.grizzlybear 3adea92111e6307f8f2aae4721e77900 "grizzly1234" veterinarianbruce.grizzlybear 0d107d09f5bbe40cade3de5c71e9e9b7 "letmein" admin
* Each user is part of a group. when they login the welcome screen for each group must have the following welcome screen. This is the Txt files that need to be read and displayed in the program
* These are the Txt files to use once the user logs in and is authenticated.
Zookeeper file:
Hello, Zookeeper!As zookeeper, you have access to all of the animals' information and their daily monitoring logs. This allows you to track their feeding habits, habitat conditions, and general welfare.Veterinarian file:Hello, Veterinarian!As veterinarian, you have access to all of the animals' health records. This allows you to view each animal's medical history and current treatments/illnesses (if any), and to maintain a vaccination log.
Admin file:
Hello, System Admin!As administrator, you have access to the zoo's main computer system. This allows you to monitor users in the system and their roles
* MD5 file: This is the actual MD5 file, just copied into this document.
import java.security.MessageDigest;
public class MD5Digest {
public static void main(String[] args) throws Exception {
//Copy and paste this section of code
String original = “letmein”; //Replace “password” with the actual password inputted by the user
MessageDigest md = MessageDigest.getInstance(“MD5”);
md.update(original.getBytes());
byte[] digest = md.digest();
StringBuffer sb = new StringBuffer();
for (byte b : digest) {
sb.append(String.format(“%02x”, b & 0xff));
}
//End copy/paste
System.out.println(“original:” + original);
System.out.println(“digested:” + sb.toString()); //sb.toString() is what you’ll need to compare password strings
}
}
Reviews
There are no reviews yet.