NSD1288 How to use OTPServer V3 with a Flat File Database

Fact

● Nordic Edge One Time Password Server version 3
● Flat File Database

Situation

Nordic Edge One Time Password Server secures access to applications and systems with strong, two-factor authentication. The standard User Stores that OTPServer v3 supports are:

● LDAP (Sun Directory Server, Microsoft Active Directory, Novell eDirectory etc.)
● SQL via JDBC or ODBC (Oracle, Microsoft SQL Server etc.)

It is possible to configure OTPServer to authenticate Users from a Flat File Database instead. OTPServer is delivered with two Flat File Database extensions and a user creation tool, found in the directory ext under OTPServer3:

● FileAuthModule.class
● FileNoAuthModule.class
● AddUserToFile.class

To protect the passwords of user accounts in the flat file database used with FileAuthModule.class, user accounts must be created with the Java class file AddUserToFile.class.

Solution

The following examples describe how to configure OTPServer to protect a Radius system and deliver OTPs via the Nordic Edge SMS Gateway or via eMail.

Notes: Clients using the Nordic Edge APIs can also be used. When using SMTP, an email with the OTP as the subject line will be sent instead of an SMS message.

1) OTPServer Database Object Configuration

Extension modules are located in the ext directory under \\\\OTPServer3. The Flat File must be located in the \\\\OTPServer3 directory, for example otpauth.txt or otpnoauth.txt.

● FileAuthModule.class

OTPServer v3 configured with this extension reads a text file containing a username and password for User authentication, as well as to find out which OTP delivery method to use (SMS or eMail). The file structure should be:

    uid:password:mobile
or
    uid:password:eMail address

Note: Test buttons do not work with this type of External databasehandler.

OTPServer3 configured as in the above picture uses the text file otpauth.txt, containing username, password and mobile number, as a User store.
Note: Use a standard text editor to create the file otpauth.txt.

To add user accounts to otpauth.txt, the Java class file AddUserToFile.class must be run from the console in the \\\\OTPServer3 directory. For example, to add user account "nordicedge" with password "connected" and mobile number +4688888888, run:

    java -cp . ext/AddUserToFile otpauth.txt nordicedge connected +4688888888

[Print screen from a Windows system]

● FileNoAuthModule.class

OTPServer v3 configured with this extension reads a text file containing a username for User authentication, as well as to find out which OTP delivery method to use (SMS or eMail).

Note: Use a standard text editor to create the file and add user accounts.

The file structure should be:

    uid:mobile
or
    uid:eMail address

Note: The Test buttons do not work with this type of External databasehandler.

2) OTPServer configuration for both database extensions

- Radius Server object
  Note: Radius Port number must match the Port number configured on the protected Radius system.

- Radius Client object
  Note: Shared Secret must match the corresponding Radius system.

- Delivery Method object
  ● SMS via the Nordic Edge SMS Gateway
  ● eMail via SMTP
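Added example (not part of the original article and not Nordic Edge code): a small Python check that a flat file matches the structure described above for the configured module, so that an entry without a password field does not end up in a file used with FileAuthModule.class. The function names, the patterns for "mobile" and "eMail address", the sample lines and the <protected-value> placeholder are assumptions; the article does not document the stored password format.

```python
import re

# Assumed shapes for the delivery field; the article only says "mobile" or "eMail address".
MOBILE = re.compile(r"^\+?\d{6,15}$")
EMAIL = re.compile(r"^[^@\s:]+@[^@\s:]+\.[^@\s:]+$")

# Constructed sample of an otpauth.txt; <protected-value> stands in for whatever
# AddUserToFile writes, which the article does not show.
SAMPLE_AUTH = """\
nordicedge:<protected-value>:+4688888888
alice:<protected-value>:alice@example.com
bob:+4677777777
nordicedge:<protected-value>:+4688888888
carol:<protected-value>:not-a-number
"""

def delivery_method(value):
    """Classify the last field as 'SMS', 'eMail' or None (unrecognised)."""
    if MOBILE.match(value):
        return "SMS"
    if EMAIL.match(value):
        return "eMail"
    return None

def check_flat_file(text, with_password):
    """with_password=True: uid:password:delivery, False: uid:delivery."""
    users, problems = {}, []
    for number, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line:
            continue
        uid, sep, rest = line.partition(":")
        delivery = rest
        if with_password:
            # Split on the last colon so a colon inside the stored password
            # value (format not documented) is tolerated.
            password, sep2, delivery = rest.rpartition(":")
            if not sep2 or not password:
                problems.append((number, "missing password field"))
                continue
        if not sep or not uid:
            problems.append((number, "missing uid or separator"))
        elif delivery_method(delivery) is None:
            problems.append((number, "delivery field is neither mobile nor eMail"))
        elif uid in users:
            problems.append((number, "duplicate uid"))
        else:
            users[uid] = delivery_method(delivery)
    return users, problems
```

Call check_flat_file with with_password=True for a file used with FileAuthModule.class and with_password=False for one used with FileNoAuthModule.class; the second return value lists (line number, problem) pairs.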