Web Flow Installation Manual
This manual describes the installation of Web Flow, including setting up the environment. The manual assumes installation on a Linux system; installation on other operating systems follows similar steps.
Create group "tomcat" and user "tomcat":
$ groupadd tomcat
$ useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
$ chmod 775 tomcat
Optionally, add your user to the "tomcat" group:
$ usermod -a -G tomcat ext_johndoe
To function correctly, PowerAuth 2.0 requires Bouncy Castle to be available. While Wildfly already comes with its own BC version, Tomcat requires BC to be installed system-wide.
Installation of Bouncy Castle is done in two steps:
- Add the Bouncy Castle provider jar to the $JAVA_HOME/jre/lib/ext directory
- Create a Bouncy Castle provider entry in the $JAVA_HOME/jre/lib/security/java.security file
The entry to java.security will look something like the following:
security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider
Replace N with the order of precedence you would like to give Bouncy Castle relative to the other providers in the file. The recommended position is the last entry in the list, with N being the highest number in the list. Warning: Configuring Bouncy Castle as the first provider (security.provider.1) may cause JVM errors.
You can get the Bouncy Castle provider here: https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on
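A way to check the resulting provider list after editing java.security, as an added example that is not part of the original manual. The function name and result strings are this example's own, and the sample file is constructed:

```sh
#!/bin/sh
# Added example (not from the Web Flow project): check where Bouncy Castle
# sits in the security.provider.N list of a java.security file.
check_bc_provider() {
    file=$1
    bc=org.bouncycastle.jce.provider.BouncyCastleProvider
    # Active (uncommented) entries as "N class", sorted by N.
    entries=$(sed -n 's/^security\.provider\.\([0-9]\{1,\}\)[[:space:]]*=[[:space:]]*/\1 /p' "$file" | sort -n)
    bc_n=$(printf '%s\n' "$entries" | awk -v c="$bc" '$2 == c { print $1; exit }')
    if [ -z "$bc_n" ]; then
        echo "MISSING"; return 1
    fi
    if [ "$bc_n" -eq 1 ]; then
        echo "FIRST"; return 1    # the manual warns this may cause JVM errors
    fi
    # The JDK reads security.provider.1, .2, ... and stops at the first
    # missing index, so a gap below N means Bouncy Castle is never loaded.
    i=1
    while [ "$i" -lt "$bc_n" ]; do
        printf '%s\n' "$entries" | grep -q "^$i " || { echo "GAP at $i"; return 1; }
        i=$((i + 1))
    done
    # Report whether N is the last entry, as the manual recommends.
    last=$(printf '%s\n' "$entries" | tail -n 1 | cut -d' ' -f1)
    if [ "$bc_n" -eq "$last" ]; then
        echo "OK last ($bc_n)"
    else
        echo "OK not-last ($bc_n of $last)"
    fi
}

# Constructed sample: a java.security excerpt with BC appended as entry 4.
sample=$(mktemp)
cat > "$sample" <<'EOF'
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=org.bouncycastle.jce.provider.BouncyCastleProvider
EOF
check_bc_provider "$sample" || true
rm -f "$sample"
```

Run it against $JAVA_HOME/jre/lib/security/java.security on the target host; any result other than "OK last" deserves a look before Tomcat is started.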
Unzip Tomcat 8.5.14 to "/opt/tomcat" folder. You can download Tomcat here:
https://tomcat.apache.org/download-80.cgi
Change owner of the files to "tomcat" user:
$ sudo chown -R tomcat:tomcat /opt/tomcat/
Create folder "/opt/ext-resources".
Change owner of the "/opt/ext-resources" to "tomcat:tomcat":
$ sudo chown -R tomcat:tomcat /opt/ext-resources/
$ sudo chmod -R 775 /opt/ext-resources/
$ sudo chmod -R -x+X /opt/ext-resources/
Copy all resources that you want to modify into this folder. See the resources in the powerauth-webauth and powerauth-webauth-i18n projects, which contain the original resources that can be modified for a particular installation.
Copy "ojdbc6.jar" to the "/opt/tomcat/lib" folder, so that the Oracle DB connector is on the classpath. You can get the required JAR here:
https://mvnrepository.com/artifact/oracle/ojdbc6/11.2.0.3
Copy "mysql-connector-java-6.0.6.jar" to the "/opt/tomcat/lib" folder, so that the MySQL DB connector is on the classpath. You can get the required JAR here:
http://central.maven.org/maven2/mysql/mysql-connector-java/6.0.6
Find the JDBC client driver for the database and install it using steps similar to those above.
Edit "/opt/tomcat/conf/server.xml" so that the HTTP connector has the correct address:
<Connector port="8080" protocol="HTTP/1.1" address="10.x.x.x" connectionTimeout="20000" redirectPort="8443" />
- Create a new database or reuse an existing PowerAuth 2.0 database.
- Run the create_schema.sql script to create tables.
- Run the initial_data.sql script to load initial data.
Copy the XML files described below to "/opt/tomcat/conf/Catalina/localhost". Then, update the configuration in the files to reflect the expected values. Make sure to use an absolute URL, not a reference to localhost, for example:
<Parameter name="powerauth.credentials.service.url" value="http://10.x.x.x:8080/powerauth-credential-server-sample"/>
<Parameter name="powerauth.nextstep.service.url" value="http://10.x.x.x:8080/powerauth-nextstep"/>
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<!-- PowerAuth 2.0 Credential Service URL -->
<Parameter name="powerauth.credentials.service.url" value="http://10.x.x.x:8080/powerauth-credential-server-sample"/>
<!-- PowerAuth 2.0 Next Step Service URL -->
<Parameter name="powerauth.nextstep.service.url" value="http://10.x.x.x:8080/powerauth-nextstep"/>
<!-- PowerAuth 2.0 Server Service URL -->
<Parameter name="powerauth.service.url" value="http://10.x.x.x:8080/powerauth-java-server/soap"/>
<!-- PowerAuth 2.0 Server Service Security Settings -->
<Parameter name="powerauth.service.security.clientToken" value=""/>
<Parameter name="powerauth.service.security.clientSecret" value=""/>
<Parameter name="powerauth.service.ssl.acceptInvalidSslCertificate" value="false"/>
<!-- PowerAuth 2.0 Push Server URL -->
<Parameter name="powerauth.push.service.url" value="http://10.x.x.x:8080/powerauth-push-server"/>
<Parameter name="powerauth.push.service.appId" value="2"/>
<!-- PowerAuth 2.0 WebFlow Page Customization -->
<Parameter name="powerauth.webauth.page.title" value="XYZ Bank - Web Authentication"/>
<Parameter name="powerauth.webauth.page.ext-resources.location" value="file:/opt/ext-resources/"/>
<Parameter name="powerauth.webauth.page.custom-css.url" value=""/>
<!-- Database Configuration - JDBC -->
<Parameter name="spring.datasource.url" value="jdbc:oracle:thin:@//hostname:1523/SID"/>
<Parameter name="spring.datasource.username" value="powerauth"/>
<Parameter name="spring.datasource.password" value="********"/>
<Parameter name="spring.datasource.driver-class-name" value="oracle.jdbc.OracleDriver"/>
<Parameter name="spring.jpa.hibernate.ddl-auto" value="none"/>
<Parameter name="spring.jpa.properties.hibernate.default_schema" value="powerauth"/>
</Context>
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<!-- Database Configuration - JDBC -->
<Parameter name="spring.datasource.url" value="jdbc:oracle:thin:@//hostname:1523/SID"/>
<Parameter name="spring.datasource.username" value="powerauth"/>
<Parameter name="spring.datasource.password" value="********"/>
<Parameter name="spring.datasource.driver-class-name" value="oracle.jdbc.OracleDriver"/>
<Parameter name="spring.jpa.hibernate.ddl-auto" value="none"/>
<Parameter name="spring.jpa.properties.hibernate.default_schema" value="powerauth"/>
<!-- Application Configuration -->
<Parameter name="powerauth.service.applicationName" value="powerauth"/>
<Parameter name="powerauth.service.applicationDisplayName" value="PowerAuth 2.0 Server"/>
<Parameter name="powerauth.service.applicationEnvironment" value=""/>
<!-- Security Configuration -->
<Parameter name="powerauth.service.restrictAccess" value="false"/>
</Context>
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<!-- PowerAuth 2.0 Server Service URL -->
<Parameter name="powerauth.service.url" value="http://10.x.x.x:8080/powerauth-java-server/soap"/>
</Context>
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<!-- Database Configuration - JDBC -->
<Parameter name="spring.datasource.url" value="jdbc:oracle:thin:@//hostname:1523/SID"/>
<Parameter name="spring.datasource.username" value="powerauth"/>
<Parameter name="spring.datasource.password" value="********"/>
<Parameter name="spring.datasource.driver-class-name" value="oracle.jdbc.OracleDriver"/>
<Parameter name="spring.jpa.hibernate.ddl-auto" value="none"/>
<Parameter name="spring.jpa.properties.hibernate.default_schema" value="powerauth"/>
</Context>
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<!-- PowerAuth 2.0 Server Service URL -->
<Parameter name="powerauth.service.url" value="http://10.x.x.x:8080/powerauth-java-server/soap"/>
<!-- PowerAuth 2.0 Server Service Security Settings -->
<Parameter name="powerauth.service.security.clientToken" value=""/>
<Parameter name="powerauth.service.security.clientSecret" value=""/>
<Parameter name="powerauth.service.ssl.acceptInvalidSslCertificate" value="false"/>
<!-- Database Configuration - JDBC -->
<Parameter name="spring.datasource.url" value="jdbc:oracle:thin:@//hostname:1523/SID"/>
<Parameter name="spring.datasource.username" value="powerauth"/>
<Parameter name="spring.datasource.password" value="********"/>
<Parameter name="spring.datasource.driver-class-name" value="oracle.jdbc.OracleDriver"/>
<Parameter name="spring.jpa.hibernate.ddl-auto" value="none"/>
<Parameter name="spring.jpa.properties.hibernate.default_schema" value="powerauth"/>
<!-- APNS Configuration -->
<Parameter name="powerauth.push.service.apns.useDevelopment" value="true"/>
</Context>
<?xml version="1.0" encoding="UTF-8"?>
<Context>
<!-- PowerAuth 2.0 OAuth 2.0 API Config -->
<Parameter name="powerauth.webauth.service.url" value="http://10.x.x.x:8080/powerauth-webauth"/>
<Parameter name="powerauth.webauth.service.oauth.authorizeUrl" value="http://10.x.x.x:8080/powerauth-webauth/oauth/authorize"/>
<Parameter name="powerauth.webauth.service.oauth.tokenUrl" value="http://10.x.x.x:8080/powerauth-webauth/oauth/token"/>
<Parameter name="powerauth.webauth.service.oauth.clientId" value="foo"/>
<Parameter name="powerauth.webauth.service.oauth.clientSecret" value="bar"/>
<!-- PowerAuth 2.0 Next Step Config -->
<Parameter name="powerauth.nextstep.service.url" value="http://10.x.x.x:8080/powerauth-nextstep"/>
<!-- Database Configuration - JDBC -->
<Parameter name="spring.datasource.url" value="jdbc:oracle:thin:@//hostname:1523/SID"/>
<Parameter name="spring.datasource.username" value="powerauth"/>
<Parameter name="spring.datasource.password" value="********"/>
<Parameter name="spring.datasource.driver-class-name" value="oracle.jdbc.OracleDriver"/>
<Parameter name="spring.jpa.hibernate.ddl-auto" value="none"/>
<Parameter name="spring.jpa.properties.hibernate.default_schema" value="powerauth"/>
</Context>
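A lint pass over the context files above before Tomcat is started, as an added example that is not part of the original manual. The finding labels are this example's own, the sample file is constructed, and the reading of "powerauth.service.restrictAccess" as an access-control switch is an assumption based on its name and the "Security Configuration" comment:

```sh
#!/bin/sh
# Added example (not part of the Web Flow project): lint a Tomcat context
# file from conf/Catalina/localhost for values that should not reach
# production. Prints one "FINDING_ID parameter" line per problem.
audit_context() {
    file=$1
    # A context file holding the JDBC password should not be world-readable.
    if grep -q 'spring\.datasource\.password' "$file" &&
       [ -n "$(find "$file" -perm -004)" ]; then
        echo "WORLD_READABLE spring.datasource.password"
    fi
    # Reduce each <Parameter name=".." value=".."/> line to "name=value".
    sed -n 's/.*<Parameter[[:space:]]\{1,\}name="\([^"]*\)"[[:space:]]\{1,\}value="\([^"]*\)".*/\1=\2/p' "$file" |
    while IFS= read -r kv; do
        name=${kv%%=*}
        case $kv in
            *.acceptInvalidSslCertificate=true) echo "TLS_VERIFY_OFF $name" ;;
            powerauth.service.restrictAccess=false) echo "OPEN_API $name" ;;
            *.oauth.clientId=foo|*.oauth.clientSecret=bar) echo "SAMPLE_CRED $name" ;;
            *.apns.useDevelopment=true) echo "APNS_DEV $name" ;;
        esac
        # Service URLs over plain HTTP carry tokens and secrets in clear text.
        case $kv in
            powerauth.*rl=http://*) echo "CLEARTEXT_URL $name" ;;
        esac
        # The manual asks for absolute URLs rather than localhost.
        case $kv in
            powerauth.*rl=*//localhost*|powerauth.*rl=*//127.*) echo "LOCALHOST_URL $name" ;;
        esac
    done
}

# Constructed sample input, modelled on the context files above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<Context>
<Parameter name="powerauth.service.url" value="http://10.0.0.5:8080/powerauth-java-server/soap"/>
<Parameter name="powerauth.service.ssl.acceptInvalidSslCertificate" value="true"/>
<Parameter name="powerauth.webauth.service.oauth.clientSecret" value="bar"/>
<Parameter name="spring.datasource.password" value="constructed-password"/>
</Context>
EOF
chmod 644 "$sample"
audit_context "$sample"
rm -f "$sample"
```

Run it over every file in "/opt/tomcat/conf/Catalina/localhost"; a file that produces no output has none of the listed issues.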
Create war artifacts using steps described in Compilation, Packaging and Deployment and copy them into /opt/tomcat/webapps.
Start Tomcat service as the "tomcat" user:
$ sudo -u tomcat sh /opt/tomcat/bin/catalina.sh start
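To start Tomcat with the JPDA remote debugger listening on port 9002, use the following command. JDWP has no authentication, so keep this port reachable only from trusted development hosts: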
$ JPDA_OPTS="-agentlib:jdwp=transport=dt_socket,address=9002,server=y,suspend=n" sh /opt/tomcat/bin/catalina.sh jpda start
To follow the Tomcat logs interactively, use the following command:
$ tail -f -n200 /opt/tomcat/logs/catalina.out