Posted on January 26, 2010 by pjeriksson

NSD1189 How to Install One Time Password Server Prefetch JSP Web Application on Tomcat

Fact

Nordic Edge One Time Password Server, Tomcat, Prefetch JSP Web Application.

Situation

Installation of the One Time Password Prefetch JSP Web Application.

Solution

The OTP prefetch application ships with two pages (two different scenarios). 

  • Self Service – selfService.jsp is a self service page. Users logs in to generate a number of prefetch passwords, distributed by SMS or e-mail. 

  • Centralized Administration - centralizedAdmin.jsp is a centralized administration page. An "OTP prefetch password administrator" logs in to generate a number of prefetch passwords, for a selected user account, distributed by SMS or e-mail.

System Requirements

  • Nordic Edge One Time Password Server 1.6 or later

  • Tomcat 6.0 or later, installed with Java JDK (not JRE)

Prerequisites

  • Nordic Edge One Time Password Server installed and configured to use SMS or e-mail to send OTP

Installation

  • Download the PrefetchOTP.war

  • Copy the PrefetchOTP.war to the tomcat/webapps directory, for instance C:\Program Files\apache-tomcat-6.0.20\webapps on a Windows 2003 Server

The Tomcat Web Server will now deploy (if the tomcat service is started) the web archive into a directory
called PrefetchOTP under the webapps directory.

Configuration

  • Open the file ..PrefetchOTPconstants.jsp with a text editor (example below)

  • Modify the string values to match your environment

/*———————-Settings section start——————————————————————*/

//OTP Server settings
String otpServerHostaddress = "localhost"; //The OTP Server IP address
String otpServerPortNumber = "3100"; //The OTP Server portnumber

//Language and culture support
String language = "en"; //"sv" for Swedish. "en" for English. NOTE: The current browser language settings is used if 'language' is set to ""
String country = "US"; //"SE" for Sweden. "US" for United States.

/*———————-Settings section end——————————————————————*/

[Optional Configuration] – Redirect the application in the …webappsPrefetchOTPindex.jsp
Index.jsp gives the option to configure the application URL. The self service page is configured as the default page:

//OTP Prefetch Self Service Page
response.sendRedirect("selfService.jsp");

//OTP Prefetch Centralized Admin Page
//response.sendRedirect("centralizedAdmin.jsp");

To enable centralized administration as default page:
Remove the slashes (//) from the line “response.sendRedirect( "centralizedAdmin.jsp");” and and two slashes in front of the "response.sendRedirect("selfService.jsp")".

//OTP Prefetch Self Service Page
//response.sendRedirect("selfService.jsp");

//OTP Prefetch Centralized Administration Page
response.sendRedirect("centralizedAdmin.jsp");

Verify that the Web Application is working as expected:

Figure: The selfService.jsp Page

To change configuration default values modify the Content of selfService.jsp or centralizedAdmin.jsp (optional configuration)

To change the default value (5) in “Numbers of…” to, for instance 10, make following changes:

<option>5</option>
<option selected>10</option>

…and to add another digit

<option>25</option>
<option>35</option>
<option>45</option>

If you want to add an item or a method, in this case “chatAttribute” and Chat, to the “Send via” drop down list, just add the tags below:

<select name="dlSendAttrib" >
<option value="mobile" selected >SMS</option>
<option value="mail" >Email</option>
<option value="chatAttribute" >Chat</option>
</select>

AND add the Chat option to the Java code:    
if (sendWith.equals("SMS"))
{

    sendWith = "mobile";
} else if (sendWith.equals("Email"))
{
    sendWith = "mail";
} else if (sendWith.equals("Chat"))
{
    sendWith = "chatAttribute";
}

Configuration for the Centralized Administration Page – centralizedAdmin.jsp

The centralizedAdmin.jsp works the same as the selfService.jsp except for following differences:

  • The account used to generate the prefetch passwords must be an "OTP prefetch administrator"
  • The centralized administration may want to receive the generated OTP's instead of users receiving them

Additional Configuration:

  • How to configure an "OTP prefetch administrator" in the OTP Server, see NSD1183
  • How to configure the OTP Server to send an e-mail containing prefetched OTP's to a static "OTP prefetch receiver", see NSD1184.

Figure: The centralizedAdmin.jsp page


One Time Password Server Configuration

Now, you must add the Tomcat Web Server as a client object in the One Time Password Server configuration.
How to add a client is described in the One Time Password Server 3.0 – Administrators Manual, section
13 Client Configuration.

Disclaimer

The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.
Nordic Edge Support – www.nordicedge.se

Download article as PDF

Comments are closed.