Jon Swanson

I could use some help getting started on this problem.

I have a Java program that currently you click a desktop icon and it runs. There is a new requirement that first a login prompt must be displayed and the user authenticated before the program starts.

The program is run on a standalone PC with the requirement that no connections over the internet should be made.

Why logging into the PC is not sufficient is beyond me- I have to implement the requirement, I didn't request it.

I believe that for secure authentication, only an admin should be allowed to create usernames and passwords.

My initial thought was to buy a third party program that started a DLL authentication service on start-up and had a tool to administers passwords.

Then the only Java would be to connect to the DLL and I think I can figure that out.

However, I've been Googling for a vendor of such a program and have come up short. Does anyone have a suggestion?

If that is not a good way to go, could I get some tips on how to build my own? I'm thinking a database owned by admin. I'm just not sure how an average user would query it and whether that is considered sufficient security. Presumably I would store only encrypted usernames and passwords and compare that. I've never had the requirement to lock down a program before.

I started out with a not asking too much of JavaHelp.

        url    = HelpSet.findHelpSet( loader, myhelpset );         hs     = new HelpSet( loader, url );         hb     = hs.createHelpBroker( "MyHelp" ); // // Help button        CSH.setHelpIDString( menuItem, "ma" );        menuItem.addActionListener( new CSH.DisplayHelpFromSource( hb ) ); // // Context sensitive help        hb.enableHelpKey( isopanel, "il", hs );

isoPanel is a JPanel in the main dialog and "il" is an entry in the help TOC that refers to that topic.

If I hit the help button, Help comes up and the main help topic is displayed.

If I press F1 in isoPanel, the topic changes to "il"

Then I got greedy. I was asked to create a lot of sub-dialogs. I wanted F1 to work there also.

So I created a class that takes the HelpSet and HelpBroker that I created in the main dialog. It is a singleton that all the subdialog creation code can access. It has only one method-

/** * Set a specific help entry using the current help broker and help set * * @param c       component to get help * @param helpKey help entry to display */   public void setHelpEntry( Component c, String helpKey )   {      if ( hs == null ) return;      if ( hb == null ) return; // // helpKey refers to the appropriate entry in the Help TOC      hb.enableHelpKey( c, helpKey, hs );   }

What I ended up with is a total mess. Sometimes the current Help dialog is updated with the new topic. Other times, a second Help dialog appears. If that happens the existing Help dialog becomes disconnected, i.e., you can't use the navigation keys or close it. Sometimes, when I have a modal subdialog, the second Help dialog closes when the sub-dialog is closed. But the original Help dialog no longer works and can only be closed by closing the entire Java application, which also results in null pointer complaints.

I've been trying to sort this out reading the oracle documentation. I just don't see why I am getting multiple Help dialogs using when HelpBroker and one HelpSet.

Can anyone give me some tips on what I should do to resolve/understand this problem?

Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException        at javax.help.WindowPresentation$2.windowClosing(WindowPresentation.java :1015)        at java.awt.Window.processWindowEvent(Window.java:1871)        at javax.swing.JFrame.processWindowEvent(JFrame.java:274)        at java.awt.Window.processEvent(Window.java:1829)        at java.awt.Component.dispatchEventImpl(Component.java:4660)        at java.awt.Container.dispatchEventImpl(Container.java:2097)        at java.awt.Window.dispatchEventImpl(Window.java:2489)        at java.awt.Component.dispatchEvent(Component.java:4488)        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:668)        at java.awt.EventQueue.access$400(EventQueue.java:81)        at java.awt.EventQueue$2.run(EventQueue.java:627)        at java.awt.EventQueue$2.run(EventQueue.java:625)        at java.security.AccessController.doPrivileged(Native Method)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:87)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:98)        at java.awt.EventQueue$3.run(EventQueue.java:641)        at java.awt.EventQueue$3.run(EventQueue.java:639)        at java.security.AccessController.doPrivileged(Native Method)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:87)        at java.awt.EventQueue.dispatchEvent(EventQueue.java:638)        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThre ad.java:269)        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread. java:184)        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThre ad.java:174)        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)        at java.awt.EventDispatchThread.run(EventDispatchThread.java:122) Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException        at javax.help.WindowPresentation$2.windowClosing(WindowPresentation.java :1015)        at java.awt.Window.processWindowEvent(Window.java:1871)        at javax.swing.JFrame.processWindowEvent(JFrame.java:274)        at java.awt.Window.processEvent(Window.java:1829)        at java.awt.Component.dispatchEventImpl(Component.java:4660)        at java.awt.Container.dispatchEventImpl(Container.java:2097)        at java.awt.Window.dispatchEventImpl(Window.java:2489)        at java.awt.Component.dispatchEvent(Component.java:4488)        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:668)        at java.awt.EventQueue.access$400(EventQueue.java:81)        at java.awt.EventQueue$2.run(EventQueue.java:627)        at java.awt.EventQueue$2.run(EventQueue.java:625)        at java.security.AccessController.doPrivileged(Native Method)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:87)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:98)        at java.awt.EventQueue$3.run(EventQueue.java:641)        at java.awt.EventQueue$3.run(EventQueue.java:639)        at java.security.AccessController.doPrivileged(Native Method)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:87)        at java.awt.EventQueue.dispatchEvent(EventQueue.java:638)        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThre ad.java:269)        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread. java:184)        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThre ad.java:174)        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)        at java.awt.EventDispatchThread.run(EventDispatchThread.java:122) Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException        at javax.help.WindowPresentation$2.windowClosing(WindowPresentation.java :1015)        at java.awt.Window.processWindowEvent(Window.java:1871)        at javax.swing.JFrame.processWindowEvent(JFrame.java:274)        at java.awt.Window.processEvent(Window.java:1829)        at java.awt.Component.dispatchEventImpl(Component.java:4660)        at java.awt.Container.dispatchEventImpl(Container.java:2097)        at java.awt.Window.dispatchEventImpl(Window.java:2489)        at java.awt.Component.dispatchEvent(Component.java:4488)        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:668)        at java.awt.EventQueue.access$400(EventQueue.java:81)        at java.awt.EventQueue$2.run(EventQueue.java:627)        at java.awt.EventQueue$2.run(EventQueue.java:625)        at java.security.AccessController.doPrivileged(Native Method)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:87)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:98)        at java.awt.EventQueue$3.run(EventQueue.java:641)        at java.awt.EventQueue$3.run(EventQueue.java:639)        at java.security.AccessController.doPrivileged(Native Method)        at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessCo ntrolContext.java:87)        at java.awt.EventQueue.dispatchEvent(EventQueue.java:638)        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThre ad.java:269)        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread. java:184)        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThre ad.java:174)        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:169)        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:161)        at java.awt.EventDispatchThread.run(EventDispatchThread.java:122)

Turns out there was one case in the UI where you did need to press enter in a text field. There is a spinner where you can click the arrows to increment/decrement or enter the value directly. I did not have a listener checking for loss of focus there, so you had to press Enter. Once that was noticed it was treated as a huge bug that had to be immediately fixed.

What I don't understand is what is special when I am clicking on a menu item in the menu bar that causes focus in a text field to be lost and then regained. If the focus never left the text field, that would not have been too surprising, but once focus is lost, returning it to the text field seems a bit odd. In fact, if I click on a different part of the menu bar, where this is no menu item, focus is lost from the text field, end of story.

There is what is now an expensive calculation that needs to run when the text field value changes.

Sitting on the text field and updating every keystroke is too expensive (numbers are being input, so there is no obvious way of knowing the entry is not complete)

The client rejected requiring a button to indicate the entry was complete
The client rejected requiring the Enter key be pressed to indicate the entry was complete

The 'requirement' is that the method run when the user goes to the next panel (or tab in the current panel) or any other UI element where next could be anywhere in the UI, the workflow is not sequential.

My implementation of running the method when the text field lost focus seemed to be sufficient.

Then new functionality was added and put a couple levels deep in the menu bar menu. Now the method is running multiple times and actually interferes with the new functionality, which assumes the method has completed.

So either I need a different method to determine that the user is done entering data (and running the method) or I have to understand better how to shift the focus when the user clicks anywhere in the UI (and not just most places).

The goal was to run a method when the focus shifted off the test field. But I only want to run the method once. I thought that when I switched to another component the focus would be lost from the text field and the only way the test field would regain focus is if I clicked in it again.

Apparently this is true if I click in a different text field. That gets the focus and the method runs once.

When I click on a menu item in the menu bar, the focus is 'lost' and the method runs. Yet the text field gets the focus back. If I have a look-aside on the menu, the method runs once when I first bring up the menu (text field loses focus, then gets it back) and then runs again when I go to the look aside menu (text field loses focus and gets it back).

What I would like is some approach that once the text field has lost focus it stays lost until I enter the text field again.

And as I said, the only time I have a problem is when going to a menu item.

I tried changing the focus to the menu bar, that did not work. I tried what I thought would advance the focus to the next item in the focus hierarchy, that did not seem to work, and I tried to just clear the focus and that did not work.

I ran into this problem is some code I am trying to extend.

There is a text field in the GUI and the goal was that when a user switched to a different panel in the GUI, an observable would be updated.

What was done was to put a focus listener on the text field

class FieldListener implements FocusListener {        @Override        public void focusLost(FocusEvent e)        {           try           {                 double d = Double.parseDouble(textRH.getText());                 myObservable.setField(d);           }           else           {                 myObservable.setField(Double.NaN);           }     }

That works most of the time. If you select things like text fields and combo boxes, no problem.

However, the GUI has a menu bar. If I click on an item in the menubar, I see focus shift off the text field. But it goes right back to the text field once the menu action is completed.

I tried running either menubar.requestFocus() or menubar.requestFocusInWindow(), but the focus still goes back to the text field when the menu action is completed.

I tried adding

            KeyboardFocusManager.getCurrentKeyboardFocusManager()                                  .clearGlobalFocusOwner();
or
             KeyboardFocusManager.getCurrentKeyboardFocusManager()                                  .focusNextComponent();
after setting the observable in the focusLost method. The focus still returns to the text field.

The same problem happens for righ-click menus attached to graphs and tables.
This is a problem because one of the observers of that observable now spends a lot of time processing the event from the observer. Once is enough!

Is there some standard method I should used to switch/remove focus from that text field?

Thanks,

Yesterday I had said I was thinking of generating the password with PBKDF2 and Salt. So I believe I'm good on that part. I was really asking how to securely save and access the hash. It sounds like if I am going to implement my own security, I should be thinking about an authentication service.

My method of encryption was going to be to hash them and compare the hashed values for authentication. I was a bit loose with the terminology, sorry. I was mostly concerned with where to put them.

Thank you all for the discussions.

A quick aside- I have an interesting environment in that software is often run on the computers that also run the analysis hardware. The vendor of the hardware supplies software that does not run on Windows 10. So recent equipment purchases are still split between Windows 7 and Windows 10. When I can get away with it, I've been running Kubunto (sorry, not MacOS), as recovering from arbitrary Windows 10 updates wastes a lot of time.

That said, I believe that just using Windows accounts to regulate access to the software makes the most sense. That was my original suggestion to the users, you've convinced me I should try harder to push that solution.

If that is not considered acceptable, my problem was that I was thinking of generating and storing encrypted passwords, but wasn't sure how to keep the file/database of stored encrypted passwords safe. An authentication server seems right.  Now I have a direction, Google might be my friend again!

Thanks.

Sorry, should have been more specific. Though at this point I am pretty flexible. I have a Java program that is started java -jar program.java. There is no password support in it right now. I was thinking of generating the password with PBKDF2 and Salt. I don't think creating a hashed password to store should be a problem. I'm just not sure what a good process is for getting the passwords initially created and then accessed by the program. There will be no database server running, I prefer not to edit the Windows registry. Short of that, there are no restrictions except  I am running on Windows. This application runs locally, there is no web/cloud component. Is this helpful? I am not sure I know enough on the topic to ask a good question and Google has not been helpful.

I've had a request to password protect a program. In my mind there are two parts to the problem- generating and authenticating usernames and passwords, this seems straightforward and there are plenty of examples on the web, and restricting access to who can create and manage the usernames and passwords.

I may just not be thinking about this correctly, but my desire would be to have a program requiring administrative access to generate new username/passwords and only allow the program and the administrator to see the file/database where these are stored.

I will be running Windows 7/8/10 and have not had any luck allowing Java to run in an administrative account or run AUC.

Before I go too far down this path, could I get a little help understanding what people do?

Mostly I was just being lazy. I could have calculated the amount of time that the process took, subtracted that from the 2000 ms I am currently using as the minimum time to display the dialog and used Thread.sleep() for the remaining time (if any). I did try changing the wait method to sleep for 100 ms before checking to see if the full 2000 ms was exhausted. Making no change, making the change I mentioned or leaving out the wait altogether doesn't affect the problems I am having with the update and the former two produce identical results even on short updates. The average time required for the update is longer than 2000 ms, so I wasn't focused on that bit of the code. But you are right, it would make more sense to calculate the time left and just sleep.

For what's it's worth, I modified my original method in two ways.

1. Removed the line that posted the dialog

  public void runDataUpdate( final JDialog   statusDialog,                              final Boolean[] success )   {      SwingUtilities.invokeLater(         new Runnable()         {            public void run()            {               new Thread()               {                  @Override                  public void run()                  {                     long endTime; // I want the dialog to display for at least two seconds                     endTime = Calendar.getInstance().getTimeInMillis() + 2000L; // Run the update                     success[ 0 ] = updateValues(); // Eat up the remainder of the two seconds not used to update values                     waitOnDisplay( endTime ); // Undisplay the dialog                     statusDialog.setVisible( false );                  }               }.start();            }         }      ); // Do not show the dialog //      statusDialog.setVisible( true );   }

2. Ran the calculation in the EDT

public void runDataUpdate( final JDialog   statusDialog,                              final Boolean[] success )   {      SwingUtilities.invokeLater(         new Runnable()         {            public void run()            {                      long endTime; // I want the dialog to display for at least two seconds                     endTime = Calendar.getInstance().getTimeInMillis() + 2000L; // Run the update                     success[ 0 ] = updateValues(); // Eat up the remainder of the two seconds not used to update values                     waitOnDisplay( endTime ); // Undisplay the dialog                     statusDialog.setVisible( false );            }         }       );      statusDialog.setVisible( true );   }

In either case, the elapsed time to run the update averaged about 5 s, whereas using either the original runnable or the callable, the elapsed time averaged 14 s. The latter option meets my requirements. I believe that doing better than this would require refactoring updateValues, which is not something I can do as part of this project.

I started thinking over what the code was originally intended to do. The goal was to provide immediate response whenever a user entered data anywhere in the UI. So for example, the table is hooked to an ObservableValue. If the user changes data in any cell, the observable is updated, which notifies half a dozen other elements of the program which all update based on the change. Likewise, other elements of the UI could also be changed, again notifying all, the observers, including the table, which has columns that update on any change to the data, anywhere in the UI.

Originally, the calculations that were requested were all fast, i.e., tens of ms at most. Things have changed by adding UI elements that while they still either set objects in the observable or respond to changes in the observable, they take a long time to get their work done. Which created the request to post a "Just a minute..." dialog while they were working through their calculations.

I think that is where some of the problems occur. Press button -> update observable -> notify observers -> calculations -> update UI currently does not separate the set of calculations from the UI update because they used to be fast. I am actually trying to get the "Just a minute..." to post when I run a method that has been in the code from the start that updates the table, which updates the observable, which notifies the observers, which triggers calculations, which update other parts of the UI. But if I run that method in a thread other than the EDT, I think I am ending up with the final UI update running in that other thread also and then the table update is really slow. And, in fact, the button is not in a class that has any methods that are slow (it just updates a parameter in the observable), it is one of the other classes that is an observer that has the slow piece in it. That class usually needs to be silent, except, it has been requested that in one specific case, the user is warned. So I was trying to post the dialog from the class with the button that implements that one case. That is no longer sounding like a good idea.

A number of the questions you brought up come from trying to reduce a large application to a small example. In the full application, there is a GUI that contains a table and a number of options to run calculations on the data in the table. It is very important that there is no user interaction with the GUI while the calculations are running. TestUpdateStatus is a stand-in for the main application. The calculations can run for up to 30 seconds and some are not even run in Java. The updateValues in the code I posted is a stand-in for one of those calculations. As you said, it does nothing except act as a placeholder. It is also possible that the calculations run for 0.1 seconds. In that case the statusDialog goes up and down too fast to read. So the wait method was intended to force the status dialog to display for a minimum of two seconds. My thought was the updateValues would run and use whatever resources and time it needed. When it finished, if two seconds had not elapsed, wait would run and use up the remaining time. At that point I didn't think I had to worry about wasting resources.

I think the key point is related to the "arrow code." I had actually tried implementing a progress bar at one point. I could write simple examples that worked great, but trying to insert them into the real application never worked. Either the progress bar did not display or it never posted any progress. Very frustrating. I thought it might be due to the fact that since user interaction should be disabled when calculations where running, I was running afoul of code somewhere else that someone put in to enforce that behavior. But since there is general agreement the code doesn't look right, I will try again to take it off the EDT.

I did learn one way to improve the code. Runnable does not allow you to return a value, but Callable does, by using a Future variable. So my code now looks like this:

  public class DataUpdateCallable implements Callable<Boolean>   {      final JDialog statusDialog;      DataUpdateCallable( final JDialog statusDialog )      {         this.statusDialog = statusDialog;      }      public Boolean call()      {         long endTime;         endTime = Calendar.getInstance().getTimeInMillis()                      + 2000L;         Boolean success = updateValues();         waitOnDisplay( endTime );         statusDialog.setVisible( false );         return success;      }   }
  public boolean runDataUpdateCallable( final JDialog statusDialog )   {      ExecutorService pool    = Executors.newFixedThreadPool( 1 );      Future<Boolean> success = pool.submit(                         new DataUpdateCallable( statusDialog ) );      statusDialog.setVisible( true );      pool.shutdown();      try      {         return success.get();      }      catch ( InterruptedException ie )      {         return false;      }      catch ( ExecutionException   ee )      {         return false;      }   }

The behavior is identical to the previous code. The table still seems to update slowly, i.e. I see each row paste one at a time. Before I tried to have a status dialog, the whole table posted at once.

I am going to go back and read more about pools and SwingWorker. I am also going to add a table to my simple example. I wouldn't be surprised if a simple example updated the table smoothly and the large application did not. I might also add a pause in the wait, so it doesn't check the time as often. Though, as I said, I thought it was just spinning its wheels until it was time to close the status dialog, so didn't need to be very smart.