Yubico Forum https://forum.yubico.com/ |
Tutorial: Deploying Java Validation Server on Glassfish https://forum.yubico.com/viewtopic.php?f=5&t=394 |
Author: | FloAtFokus [ Thu Aug 27, 2009 4:40 pm ] |
Post subject: | Tutorial: Deploying Java Validation Server on Glassfish |
This tutorial will focus on the Yubikey server. Thus, I will not go into the details of Glassfish/MySQL setup.

1. DOWNLOAD YUBIKEY CONFIGURATION TOOL

First of all, modify your Yubikey, since we are not able to read the AES128 key of our Yubikey. Keep in mind that you can't log in to services from Yubico once you have modified your Yubikey until you have uploaded your modified Yubikey data to Yubico here: http://www.yubico.com/developers/aeskeys/

Download and install the personalization tool. There is a binary version for Windows. http://www.yubico.com/developers/personalization/

2. MODIFY YOUR YUBIKEY

Run the application "Yubico Configuration Utility" from the Start Menu.

Select: "Create a dynamic Yubikey Configuration (OTP mode)"
Use a public identity
Desired Length: 6
Public ID String: ff 50 7d b6 68 de (I will use this example value in the tutorial but you can choose any other value)
Fixed Value
NEXT
Do not use a private identity
NEXT
AES Key: e1 6e 6e c2 5c 31 46 94 01 9e 44 40 ff c3 43 3b
NEXT
Output Format Flags: Send ENTER as the last keystroke
NEXT
The yubikeys are currently unprotected and I want to keep it that way
NEXT
Write to configuration 1
RUN
Close the application

3. SETUP LOCAL GLASSFISH SERVER

Download Glassfish Server from Sun: https://glassfish.dev.java.net/public/d ... index.html
Unzip and run setup.xml with ant.
Start Glassfish Server: "asadmin start-domain domain1".
Launch your browser and go to http://localhost:8080/ to see if it's running.
Go to http://localhost:4848/ (default name: admin / default pass: adminadmin) to open the configuration.

4. SETUP MYSQL FOR GLASSFISH

Download and install MySQL.
Download and install the JDBC Connector as described here: http://www.albeesonline.com/blog/2008/0 ... on-server/

5. SETUP YUBIKEY JAVA VALIDATION SERVER

Launch your browser and go to http://code.google.com/p/yubikey-server-j/.
Switch to the source tab and check out the files provided by the svn.
Run eclipse (or your favourite Java Dev Tool).
New Java Project / Create Project from existing source / select the directory just checked out
Now you will see a warning: "base.jar is missing".
Right mouse click on the project / Build Path / Configure Build Path.
Remove the base.jar.
Add jars... / select your project / resources / yubico-base-1.1.jar / Ok
Go to the src package and open the file "web.xml".
Configure your MySQL db_user, db_password and db_url (e.g. "jdbc:mysql://:3306/yubico?autoReconnect=true").

The next step is a little bit weird but it caused an error on my glassfish ("The content of element type "servlet" must match..."): Thus you need to change this. You have to do this for both servlet nodes in the web.xml: Cut the line "<load-on-startup>1</load-on-startup>" out of the servlet node and paste it beneath the last init-param of the same servlet node.

6. EXPORT YUBIKEY SERVER TO GLASSFISH

In eclipse right mouse click on build.xml / Run as / Ant build...
This will generate a file named "wsapi.war" in the "out" directory of your project.
Launch your Glassfish Admin Console in a browser (http://localhost:4848/) and go to Applications / Web Applications.
Deploy / select the "wsapi.war" you've just created / Ok
Launch your favourite browser and go to http://localhost:8080/wsapi/verify?id=1&otp=
Put your finger on the Yubikey USB token.
At the moment this will cause an error because we have to create and fill the MySQL database first.

7. CONFIGURE MYSQL DATABASE FOR YUBIKEY JAVA SERVER

This page provides a guide for the MySQL tables: yubico-val-server/db.htm
I prefer GUI tools such as MySQL Administrator or PhpMyAdmin but you can use the normal command line as well.
You should have a database named "yubico" in your local MySQL.
Execute these queries on your MySQL database: yubico-val-server/db_schema.sql
Unfortunately the "yubikeys" table is missing a column named "sessionUse", thus we need to add it with the following query:

ALTER TABLE yubikeys ADD COLUMN sessionUse varchar(60);

8. INSERT YOUR YUBIKEY INTO DATABASE

In step 2 we reprogrammed our Yubikey. Now we need to insert those values into the "yubikey" table of our database. But first of all the public ID and the AES128 key must be converted into Base64. Search for a Hexa --> Base64 Converter in Google (I like this one: http://home2.paulschou.net/tools/xlate/)

Attention: Do not convert from String to Base64 (ZmY1MDdkYjY2OGRl is NOT a valid Base64 encoding for the public Id)

Public ID: a9 f9 de ff 36 22 --> Base64: qfne/zYi
AES Key: e1 6e 6e c2 5c 31 46 94 01 9e 44 40 ff c3 43 3b --> Base64: 4W5uwlwxRpQBnkRA/8NDOw==

The column "tokenId" represents the Base64 encoded public Id and the column "secret" represents the Base64 encoded AES Key.

INSERT INTO yubikeys (client_id, active, tokenId, secret, created, accessed)
VALUES ('1', '1', 'qfne/zYi', '4W5uwlwxRpQBnkRA/8NDOw==', now(), now());

9. TEST YOUR NEW SERVER

Launch your favourite browser and go to http://localhost:8080/wsapi/verify?id=1&otp=
Point to the end of the address field, put your finger on the Yubikey USB token.
Now you should see something like this:

t=2009-08-27T17:33:57Z0515
status=OK
h=mtPBJ9BrYCjEqO88a8wfk2IoG1E=
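Added example, not part of the original post: the hex-to-Base64 conversion from step 8 done locally in Python, so the AES key never has to be pasted into a third-party web page, plus a check that recognises the string-encoding mistake the step warns about. The function names `hex_to_b64` and `classify` are made up for this example.

```python
import base64
import binascii
import string

def hex_to_b64(hex_text, expected_len):
    """Decode space-separated hex bytes and return their Base64 encoding."""
    raw = bytes.fromhex(hex_text)  # spaces between byte pairs are ignored
    if len(raw) != expected_len:
        raise ValueError(f"expected {expected_len} bytes, got {len(raw)}")
    return base64.b64encode(raw).decode("ascii")

def classify(b64_value, expected_len):
    """Check a value destined for the tokenId or secret column."""
    try:
        decoded = base64.b64decode(b64_value, validate=True)
    except binascii.Error:
        return "not-base64"
    if len(decoded) == expected_len:
        return "ok"
    # Twice the length and only hex digits: the hex *text* was encoded
    # instead of the bytes, which is the mistake step 8 warns about.
    if len(decoded) == 2 * expected_len and all(
            chr(b) in string.hexdigits for b in decoded):
        return "hex-text"
    return "bad-length"

# Values taken from step 8 of the tutorial.
PUBLIC_ID_HEX = "a9 f9 de ff 36 22"
AES_KEY_HEX = "e1 6e 6e c2 5c 31 46 94 01 9e 44 40 ff c3 43 3b"

if __name__ == "__main__":
    print("tokenId:", hex_to_b64(PUBLIC_ID_HEX, 6))
    print("secret: ", hex_to_b64(AES_KEY_HEX, 16))
    # The value the post marks as invalid decodes to 12 ASCII hex characters.
    print("ZmY1MDdkYjY2OGRl ->", classify("ZmY1MDdkYjY2OGRl", 6))
```

The public ID is 6 bytes and the AES-128 key is 16 bytes, so `classify` can be run against every `tokenId` and `secret` value before the INSERT.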
Author: | network-marvels [ Thu Aug 27, 2009 4:47 pm ] |
Post subject: | Re: Tutorial: Deploying Java Validation Server on Glassfish |
Thank you for posting the detailed step by step guide !!! |
Author: | quocbinhsg [ Mon Nov 01, 2010 6:47 pm ] |
Post subject: | Re: Tutorial: Deploying Java Validation Server on Glassfish |
FloAtFokus wrote:

5. SETUP YUBIKEY JAVA VALIDATION SERVER

Launch your browser and go to http://code.google.com/p/yubikey-server-j/.
Switch to the source tab and check out the files provided by the svn.
Run eclipse (or your favourite Java Dev Tool).
New Java Project / Create Project from existing source / select the directory just checked out
Now you will see a warning: "base.jar is missing".
Right mouse click on the project / Build Path / Configure Build Path.
Remove the base.jar.
Add jars... / select your project / resources / yubico-base-1.1.jar / Ok
Go to the src package and open the file "web.xml".
Configure your MySQL db_user, db_password and db_url (e.g. "jdbc:mysql://:3306/yubico?autoReconnect=true").

The next step is a little bit weird but it caused an error on my glassfish ("The content of element type "servlet" must match..."): Thus you need to change this. You have to do this for both servlet nodes in the web.xml: Cut the line "<load-on-startup>1</load-on-startup>" out of the servlet node and paste it beneath the last init-param of the same servlet node.

6. EXPORT YUBIKEY SERVER TO GLASSFISH

In eclipse right mouse click on build.xml / Run as / Ant build...
This will generate a file named "wsapi.war" in the "out" directory of your project.
Launch your Glassfish Admin Console in a browser (http://localhost:4848/) and go to Applications / Web Applications.
Deploy / select the "wsapi.war" you've just created / Ok
Launch your favourite browser and go to http://localhost:8080/wsapi/verify?id=1&otp=
Put your finger on the Yubikey USB token.
At the moment this will cause an error because we have to create and fill the MySQL database first.

I download wsapi.war and open it with Eclipse. So I edit web.xml as you described. But GlassFish still shows an error:

Exception while deploying the app : java.io.IOException: org.xml.sax.SAXParseException: The content of element type "servlet" must match "(icon?,servlet-name,display-name?,description?,(servlet-class|jsp-file),init-param*,load-on-startup?,run-as?,security-role-ref*)".

Can you help me? Regards! |
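Added example, not part of the thread or of the yubikey-server-j project: a Python check that compares the child order of every `<servlet>` element in a web.xml with the content model quoted in the exception above and reports the order the parser expects. The servlet names and classes in the sample document are constructed; only the `db_user`, `db_password` and `db_url` parameter names come from the tutorial.

```python
import xml.etree.ElementTree as ET

# Child order for <servlet>, copied from the SAXParseException message.
ORDER = ["icon", "servlet-name", "display-name", "description",
         "servlet-class", "jsp-file", "init-param",
         "load-on-startup", "run-as", "security-role-ref"]
RANK = {tag: i for i, tag in enumerate(ORDER)}
RANK["jsp-file"] = RANK["servlet-class"]  # alternatives share one position

def local(tag):
    """Drop an XML namespace prefix such as '{http://...}servlet'."""
    return tag.rsplit("}", 1)[-1]

def check_servlets(web_xml_text):
    """Map each mis-ordered servlet's name to the child order the DTD expects.

    Only ordering is checked, not how often each child may occur.
    """
    report = {}
    for servlet in ET.fromstring(web_xml_text).iter():
        if local(servlet.tag) != "servlet":
            continue
        tags = [local(child.tag) for child in servlet]
        # sorted() is stable, so repeated init-param entries keep their order
        expected = sorted(tags, key=lambda t: RANK.get(t, len(ORDER)))
        if tags != expected or any(t not in RANK for t in tags):
            name = next((c.text for c in servlet
                         if local(c.tag) == "servlet-name"), "?")
            report[name] = expected
    return report

# Constructed sample: "verify" still has load-on-startup above its
# init-param entries; "sync" has already been corrected.
SAMPLE = """<web-app>
  <servlet><servlet-name>verify</servlet-name>
    <servlet-class>example.VerifyServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
    <init-param><param-name>db_user</param-name><param-value>u</param-value></init-param>
    <init-param><param-name>db_password</param-name><param-value>p</param-value></init-param>
    <init-param><param-name>db_url</param-name><param-value>jdbc:mysql://:3306/yubico</param-value></init-param>
  </servlet>
  <servlet><servlet-name>sync</servlet-name>
    <servlet-class>example.SyncServlet</servlet-class>
    <init-param><param-name>db_user</param-name><param-value>u</param-value></init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
</web-app>"""

if __name__ == "__main__":
    for name, expected in check_servlets(SAMPLE).items():
        print(f"servlet {name!r}: reorder children to {expected}")
```

An empty result means every servlet node already matches the order in the error message, so a remaining deployment failure would point at a different copy of web.xml being packaged into the .war.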
All times are UTC + 1 hour |