Click here to Skip to main content
15,880,608 members
Search within:


Generate RSA SecurID soft token using C#?
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
C#
security
SecurID
One of my clients stores data on a third-party web app that uses RSA's SecurID[^] token system for authentication (more info here[^]). A browser toolbar is installed in IE in place of a hardware token generator, and it generates a new soft token every 60 seconds.

The user enters a username and a passcode on the site, and clicks a button on the toolbar, which automatically enters a serial number and the soft token for the user, allowing the user to log in.

I've now been asked to write a C# app to do an automated login and download of data from the site, but since it uses the SecurID system I can't just send the site a POST request with a username and password - I have to somehow generate a soft token and send it as well.

I know that the tokens are based on the virtual serial number of the soft token generator, along with the current time, etc (I'll have access to all info I'd need). But I don't know the specific algorithm used and haven't been able to find out how to generate these soft tokens from within my automation app. Is there a common algorithm I should look for, or a component I can call in my app to perform this function?
Posted
Updated 21-Mar-18 5:17am
Add a Solution

2 solutions

I ended up making my automation app open up IE and grab the serial number and passcode off the RSA soft token toolbar. This would be an issue for some types of apps, but it did the trick for this one.
 
Share this answer
 
Posted
Comments
emanuelevacca 21-Mar-18 11:16am    
I have a rsa hardware token. To access a web page I must insert username, password and pin+token.
On my tool I request and parse webpages with http post method avoiding the user to perform many mouse click. My tool was working until the administrator decided to implement secure access on website. How could I implement the secure login on my tool? Could I use something similar to your solution2? How do you use the credentials against the third party server?
SecureID can only be provided by Third party who is managing it so
can u develop webservice accessable to authenticated users (like u) to get secureID for specified username from third party and for automated login purpose use those credentials. I know it is double trouble but only Third party can provide you SecurID. I know for this work around and may need approval from higher level.
 
Share this answer
 
Posted
Comments
J. Dunlap 17-Nov-10 17:05pm    
If they can generate it, then given the same data, I should be able to do the same. I found some info related to generating it, but decided it was not worth the time (with a fixed budget on the project).
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
RSA keys generation problem
RSA Encryption error
how to use RSA or des,md5 TO make a random number generator?
Problem with RSA Keys
How to generate access token by using jwt ?
Oauth confusion about token generation
Generating a windows token with SID
RSA KEY GENERATION using 128 , 256 and 512bits
How to generate signature of a XML content using RSA algorithm?
Encrypt a file using RSA Algorythm

Advertise
Privacy
Cookies
Terms of Use
Last Updated 21 Mar 2018
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900