Main Page
MSISDN Auth Module
This document explains how to compile,
deploy
and run the MSISDN Auth Module program.
About MSISDN Auth Module
The MSISDN authentication module will make it possible to perform non-interactive
authentication based upon the unique ID of a particular handset. (The unique
ID of the handset could be its MSISDN. It will be possible to determine
the "user" based on the MSISDN). MSISDN might not be sent in the
HTTP request to protect users' privacy. But, the wireless carriers or an
agreement with the carriers can enable the forwarding of the MSISDN number
in the HTTP request. Forwarding the number is also not a standard, Nokia
WAP gateways forward it in the X-Nokia-MSISDN header, UP gateway use the
Cookie header, Ericsson uses the query string and Kannel gateway (on POSTs)
forwards it in the body. So, this Auth module has configuration information
to specify if the MSISDN is in the header, query string or in the body
AND the name of the header, Query string name or the argument in the body.
On Solaris
Steps to compile the MSISDN Auth Module program on Solaris
-
Set the following variables in the Makefile. This Makefile is in the
same directory ("<install-root>/SUNWam/samples/authentication/spi/msisdn")
as the MSISDN Auth Module program files.
-
JAVA_HOME
Set this variable to your installation of JDK. The JDK should be
newer than JDK 1.3.1.
-
CLASSPATH
Set this variable to refer to the following jars found in
the
<install-root>/SUNWam/lib directory.
am_services.jar, am_sdk.jar, servlets.jar
(Note: Include jaas.jar in your classpath if you are using JDK
version less than JDK1.4)
-
BASE_CLASS_DIR
Set this variable to the directory where all the Sample compiled
classes are located.
-
JAR_DIR
Set this variable to the directory where the JAR files of the Sample
compiled classes will be created.
-
Go to the <install-root>/SUNWam/samples/authentication/spi/msisdn"
directory and run gmake.
Steps to deploy the MSISDN Auth Module program
-
Copy MSISDN.jar from JAR_DIR to <install-root>/SUNWam/web-src/services/WEB-INF/lib
-
Update classpath with MSISDN.jar in the Web Container from which
this sample has to run. For use with Sun ONE Webserver, go to server instance's
config directory /<WS-home-dir>/https-<WS-instance-name>/config/.
For Sun ONE App Server <AS-home-dir>/domain/domain1/server1/config/
and update server.xml with new classpath.for all other containers consult
their documentation
-
Copy MSISDN.xml from <install-root>/SUNWam/samples/authentication/spi/msisdn/
to <install-root>/SUNWam/web-src/services/config/auth/default.
-
Modify amAuthMSISDN.xml (available in <install-root>/SUNWam/samples/authentication/spi/msisdn)
to provide proper ORG_BASE. It should be the root suffix of the Identity
Server.
-
Import amAuthMSISDN.xml (available in <install-root>/SUNWam/samples/authentication/spi/msisdn)
using amadmin to load iPlanetAMAuthMSISDNService
-
cd <install-root>/SUNWam/bin
-
./amadmin --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
--password <password> --schema amAuthMSISDN.xml
-
Copy amAuthMSISDN.properties (available in <install-root>/SUNWam/samples/authentication/spi/msisdn)
to <install-root>/SUNWam/locale
-
Update the ldap schema with <install-root>/SUNWam/samples/authentication/spi/msisdn/amAuthMSISDN.ldif
using 'ldapmodify' command in LDAP Server
e.g. <install-root>/SUNWam/bin/ldapmodify -h <dshostname>
-p <dsport> -D "<ldapbinduser>" -w <ldabinddn> -v -f <install-root>/SUNWam/samples/authentication/spi/msisdn/amAuthMSISDN.ldif
-
Redeploy services war file by running corresponding install script
depending upon the web container on which these samples are deployed. For
example, if samples are deployed on Sun(tm) ONE App Server7.0, run amas70config,
for Sun(tm) ONE Web Server run amws61config script found under <install-root>/SUNWam/bin
-
Restart web container (e.g /<WS-home-dir>/https-<WS-instance-name>/start,
/<AS-home-dir>/domains/domain1/server1/bin/start for Sun ONE Web Server
and Sun ONE App server respectively)
Steps to load MSISDN Auth module into Identity Server
-
Using IS Admin Console.
-
Login to Identity Server Console as amadmin, using the URL: http://<host>.<domain>:<port>/<Console-Deploy-URL>
-
Select "Service Configuration" frame "Service Configuration" frame
select "Core" within "Authentication"
-
Add class file name com.iplanet.am.samples.authentication.spi.msisdn.MSISDN
to "Pluggable Auth Modules Classes"
-
Click on save button to save the changes in console.
-
Using commandline (amadmin)
-
Write a sample.xml file as shown below, which will add MSISDN auth
module entry into allowed modules, authenticators list.
<!--
Copyright (c) 2003 Sun Microsystems,
Inc. All rights reserved
Use is subject to license terms.
-->
<!DOCTYPE Requests
PUBLIC "-//iPlanet//iDSAME 5.0 Admin
CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>
<Requests>
<SchemaRequests serviceName="iPlanetAMAuthService"
SchemaType="Organization">
<AddChoiceValues>
<AttributeValuePair>
<Attribute
name="iplanet-am-auth-allowed-modules"/>
<Value>MSISDN</Value>
</AttributeValuePair>
</AddChoiceValues>
</SchemaRequests>
<SchemaRequests serviceName="iPlanetAMAuthService"
SchemaType="Global">
<AddDefaultValues>
<AttributeValuePair>
<Attribute
name="iplanet-am-auth-authenticators"/>
<Value>com.iplanet.am.samples.authentication.spi.msisdn.MSISDN</Value>
</AttributeValuePair>
</AddDefaultValues>
</SchemaRequests>
</Requests>
-
Load sample.xml via amadmin
-
cd <install-root>/SUNWam/bin.
-
/amadmin --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
--password <password> --data sample.xml
Steps to run the MSISDN Auth Module program
-
Log in to the Identity Server console by entering the URL http://<host>.<domain>:<port>/<Console-Deploy-URI>
-
Select the "Identity Management" view.
-
Select your organization and select services from the "Show" menu.
-
Click on "Register", select "MSISDN" authentication on right side and
click "Register" to register MSISDN Auth Service.
-
Click on the "MSISDN Authentication" properties.
-
Click on "Create" to create a template for MSISDN Auth Service.
-
Fill the required field such as Trusted Gateway IP Address, MSISDN
Number Argument, LDAP Server Principal User id and password and save the
changes. If MSISDN Number need to be passed in cookie the cookie name should
be specified in Cookie:<cookie_name> syntax.
-
Click on the "Identity Server Core Authentication" properties.
-
Select "MSISDN" in "Allowed Authentication Modules" in the "Organization
Authentication Modules"list.
Note : Do not de-select LDAP auth module
-
Click "Submit" to save changes and log out.
-
Enter the URL http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login?module=MSISDN&org=<org_url_query>.
On Windows2000
Steps to "compile" the MSISDN Auth Module program on Windows2000
-
Set the following environment variables. These variables will be used
to run the make command. You can also set these variables in the Makefile.
This Makefile is in the same directory (<install-root>\samples\authentication\spi\msisdn)
as the MSISDN Auth Module program files.
-
JAVA_HOME
-
Set this variable to your installation of JDK. The JDK should be newer
than JDK 1.3.1.
-
BASE
-
Set this variable to <install-root>
-
CLASSPATH
-
Set this variable to refer to the following jars found in the
<install-root>/SUNWam/lib directory.
-
am_services.jar, am_sdk.jar, servlets.jar
-
(Note: Include jaas.jar in your classpath if you are using JDK version
less than JDK1.4)
-
BASE_CLASS_DIR
-
Set this variable to the directory where all the Sample compiled classes
are located.
-
JAR_DIR
-
Set this variable to the directory where the JAR files of the Sample
compiled classes will be created.
-
Go to the <install-root>/samples/authentication/spi/msisdn directory
and run make.
Steps to deploy the MSISDN Auth Module program
-
Copy MSISDN.jar from JAR_DIR to <install-root>/SUNWam/web-src/services/WEB-INF/lib
-
Update classpath with MSISDN.jar in the Web Container
from which this sample has to run.
-
Copy MSISDN.xml from <install-root>/SUNWam/samples/authentication/spi/msisdn/
to <install-root>/SUNWam/web-src/services/config/auth/default.
-
Modify amAuthMSISDN.xml (available in <install-root>/SUNWam/samples/authentication/spi/msisdn)
to provide proper ORG_BASE. It should be the root suffix of the Identity
Server.
-
Import amAuthMSISDN.xml (available in <install-root>/SUNWam/samples/authentication/spi/msisdn)
using amadmin to register iPlanetAMAuthMSISDNService
-
cd <install-root>/SUNWam/bin
-
./amadmin --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
--password <password> --schema amAuthMSISDN.xml
-
Copy amAuthMSISDN.properties (available in <install-root>/SUNWam/samples/authentication/spi/msisdn)
to <install-root>/SUNWam/locale
-
Update the ldap schema with <install-root>/SUNWam/samples/authentication/spi/msisdn/amAuthMSISDN.ldif
using 'ldapmodify' command in LDAP Server
e.g. /<install-root>/SUNWam/bin/ldapmodify -h <dshostname>
-p <dsport> -D "<ldapbinduser>" -w <ldabinddn> -v -f <install-root>/SUNWam/samples/authentication/spi/msisdn/amAuthMSISDN.ldif
-
Redeploy servies war file by running corresponding install script depending
upon the web container on which these samples are deployed. for example
if samples are deployed on Sun(tm) ONE App Server7.0, run amas70config,
for Sun(tm) ONE Web Server run amws61config script found under <install-root>/SUNWam/bin
-
Restart web container (e.g /<WS-home-dir>/https-<WS-instance-name>/start,
/<AS-home-dir>/domain/domain1/server1/bin/start for Web Server and App
server respectively)
-
Steps to load MSISDN Auth module into Identity Server
-
Using IS Admin Console.
-
Login to Identity Server Console as amadmin, using the URL: http://<host>.<domain>:<port>/<Console-Deploy-URL>
-
Select "Service Configuration" frame "Service Configuration" frame
select "Core" within "Authentication"
-
Add class file name com.iplanet.am.samples.authentication.spi.msisdn.MSISDN
to "Pluggable Auth Modules Classes"
-
Click on save button to save the changes in console.
-
Using Commandline (amadmin)
-
Write a sample.xml file as shown below, which will add MSISDN auth
module entry into allowed modules, anauthenticators list.
<!--
Copyright (c) 2003 Sun Microsystems,
Inc. All rights reserved
Use is subject to license terms.
-->
<!DOCTYPE Requests
PUBLIC "-//iPlanet//iDSAME 5.0 Admin
CLI DTD//EN"
"jar://com/iplanet/am/admin/cli/amAdmin.dtd"
>
<Requests>
<SchemaRequests serviceName="iPlanetAMAuthService"
SchemaType="Organization">
<AddChoiceValues>
<AttributeValuePair>
<Attribute
name="iplanet-am-auth-allowed-modules"/>
<Value>MSISDN</Value>
</AttributeValuePair>
</AddChoiceValues>
</SchemaRequests>
<SchemaRequests serviceName="iPlanetAMAuthService"
SchemaType="Global">
<AddDefaultValues>
<AttributeValuePair>
<Attribute
name="iplanet-am-auth-authenticators"/>
<Value>com.iplanet.am.samples.authentication.spi.msisdn.MSISDN</Value>
</AttributeValuePair>
</AddDefaultValues>
</SchemaRequests>
</Requests>
-
Load sample.xml via amadmin
cd <install-root>/SUNWam/bin.
/amadmin --runasdn uid=amAdmin,ou=People,<default_org>,<root_suffix>
--password <password> --data sample.xml
-
Steps to "run" the Login Module Sample program
-
Log in to the Identity Server console by entering the URL http://<host>.<domain>:<port>/<Console-Deploy-URI>
-
Select the "Identity Management" view.
-
Select your organization and select services from the "Show" menu.
-
Click on "Register", select "MSISDN" authentication on right side and
click "Register" to register MSISDN Auth Service.
-
Click on the "MSISDN Authentication" properties.
-
Click on "Create" to create a template for MSISDN Auth Service.
-
Fill the required field such as Trusted Gateway IP Address, MSISDN
Number Argument, LDAP Server Principal User id and password and save the
changes. If MSISDN Number need to be passed in cookie the cookie name should
be specified in Cookie:<cookie_name> syntax.
-
Click on the "Identity Server Core Authentication" properties.
-
Select "MSISDN" in "Allowed Authentication Modules". (Do not deselect
LDAP) in the "Organization Authentication Modules"list.
Note : Do not de-select LDAP auth module
-
Click "Submit" to save changes and log out.
-
Enter the URL http://<host>.<domain>:<port>/<Service-Deploy-URI>/UI/Login?module=MSISDN&org=<org_name>.
|