NSD1189 How to Install One Time Password Server Prefetch JSP Web Application on Tomcat Fact Nordic Edge One Time Password Server, Tomcat, Prefetch JSP Web Application. Situation Installation of the One Time Password Prefetch JSP Web Application. Solution The OTP prefetch application ships with two pages (two different scenarios). ● Self Service - selfService.jsp is a self service page. Users logs in to generate a number of prefetch passwords, distributed by SMS or e-mail. ● Centralized Administration - centralizedAdmin.jsp is a centralized administration page. An "OTP prefetch password administrator" logs in to generate a number of prefetch passwords, for a selected user account, distributed by SMS or e-mail. System Requirements ● Nordic Edge One Time Password Server 1.6 or later ● Tomcat 6.0 or later, installed with Java JDK (not JRE) Prerequisites ● Nordic Edge One Time Password Server installed and configured to use SMS or e-mail to send OTP Installation ● Download the PrefetchOTP.war ● Copy the PrefetchOTP.war to the tomcat/webapps directory, for instance C:\\Program Files\\apache-tomcat-6.0.20\\webapps on a Windows 2003 Server The Tomcat Web Server will now deploy (if the tomcat service is started) the web archive into a directory called PrefetchOTP under the webapps directory. Configuration ● Open the file ..\PrefetchOTP\constants.jsp with a text editor (example below) ● Modify the string values to match your environment /*----------------------Settings section start------------------------------------------------------------------*/ //OTP Server settings String otpServerHostaddress = "localhost"; //The OTP Server IP address String otpServerPortNumber = "3100"; //The OTP Server portnumber //Language and culture support String language = "en"; //"sv" for Swedish. "en" for English. NOTE: The current browser language settings is used if 'language' is set to "" String country = "US"; //"SE" for Sweden. "US" for United States. /*----------------------Settings section end------------------------------------------------------------------*/ [Optional Configuration] - Redirect the application in the ...webapps\PrefetchOTP\index.jsp Index.jsp gives the option to configure the application URL. The self service page is configured as the default page: //OTP Prefetch Self Service Page response.sendRedirect("selfService.jsp"); //OTP Prefetch Centralized Admin Page //response.sendRedirect("centralizedAdmin.jsp"); To enable centralized administration as default page: Remove the slashes (//) from the line “response.sendRedirect( "centralizedAdmin.jsp");” and and two slashes in front of the "response.sendRedirect("selfService.jsp")". //OTP Prefetch Self Service Page //response.sendRedirect("selfService.jsp"); //OTP Prefetch Centralized Administration Page response.sendRedirect("centralizedAdmin.jsp"); Verify that the Web Application is working as expected: Figure: The selfService.jsp Page To change configuration default values modify the Content of selfService.jsp or centralizedAdmin.jsp (optional configuration) To change the default value (5) in “Numbers of…” to, for instance 10, make following changes: <option>5</option> <option selected>10</option> …and to add another digit <option>25</option> <option>35</option> <option>45</option> If you want to add an item or a method, in this case “chatAttribute” and Chat, to the “Send via” drop down list, just add the tags below: <select name="dlSendAttrib" > <option value="mobile" selected >SMS</option> <option value="mail" >Email</option> <option value="chatAttribute" >Chat</option> </select> AND add the Chat option to the Java code: if (sendWith.equals("SMS")) { sendWith = "mobile"; } else if (sendWith.equals("Email")) { sendWith = "mail"; } else if (sendWith.equals("Chat")) { sendWith = "chatAttribute"; } Configuration for the Centralized Administration Page - centralizedAdmin.jsp The centralizedAdmin.jsp works the same as the selfService.jsp except for following differences: ● The account used to generate the prefetch passwords must be an "OTP prefetch administrator" ● The centralized administration may want to receive the generated OTP's instead of users receiving them Additional Configuration: ● How to configure an "OTP prefetch administrator" in the OTP Server, see NSD1183 ● How to configure the OTP Server to send an e-mail containing prefetched OTP's to a static "OTP prefetch receiver", see NSD1184. Figure: The centralizedAdmin.jsp page One Time Password Server Configuration Now, you must add the Tomcat Web Server as a client object in the One Time Password Server configuration. How to add a client is described in the One Time Password Server 3.0 - Administrators Manual, section 13 Client Configuration.