Product Documentation

These instructions assume that the Fidopolicy application is being installed on the same machine/VM as the FIDO Server.

  1. Create the following directories to configure the WebAuthn servlet home folder.

    sudo mkdir -p /usr/local/strongkey/poc/etc
  2. Create a configuration file for the service provider web application.

    sudo vi /usr/local/strongkey/poc/etc/poc-configuration.properties
  3. Fill in the appropriate values (listed in [ ]) to configure the sample application with SKFS.

    poc.cfg.property.apiuri=https://[hostname of FIDO Server]:8181

    Save and exit.

  4. Download the service provider web application distribution fidopolicyserver-vx.xx-dist.tgz.

    wget https://sourceforge.net/projects/strongkeyfido/files/v4.14.0/sampleapps/java/fidopolicy/fidopolicyserver-v4.14.0-dist.tgz
  5. Verify if sha256sum for the distribution matches 0e60835b92296c8f5e8e1fe6833ac45f429866b19c81105f8d27097e30eb8050
    shell> sha256sum fidopolicyserver-v4.14.0-dist.tgz
  6. Extract the downloaded file to the current directory:

    tar xvzf fidopolicyserver-v4.14.0-dist.tgz
  7. Execute the install-fidopolicyserver.sh script as follows:

    sudo ./install-fidopolicyserver.sh
  8. Test that the servlet is running by executing the following cURL command and confirm that the API Web Application Definition Language (WADL) file is returned in response:

    curl -k https://localhost:8181/fidopolicyboa/fido2/application.wadl

At this point, the FIDO Policy BOA server is installed. Continue to install the front-end Angular application.

  1. Switch to (or login as) the strongkey user. The default password for the strongkey user is ShaZam123.

    su - strongkey
  2. Download the web application distribution for the FIDO2 Server policy-ui-dist.tgz.

    wget https://sourceforge.net/projects/strongkeyfido/files/v4.14.0/sampleapps/java/fidopolicy/policy-ui-dist.tgz
  3. Verify if sha256sum for the distribution matches b600b9e9b77055a92dd517ebc76c1a0815ca0ba6c0fbe27eda7411067a3db0c2
    shell> sha256sum policy-ui-dist.tgz
  4. Extract the downloaded file.

    tar xvzf policy-ui-dist.tgz
  5. Create a directory in Payara named fidopolicy.

    mkdir -p /usr/local/strongkey/payara6/glassfish/domains/domain1/docroot/fidopolicy
  6. Copy all the files to the Payara docroot.

    cp -r dist/* /usr/local/strongkey/payara6/glassfish/domains/domain1/docroot/fidopolicy
  7. Enable port forwarding as root from port 443 to port 8181.
    firewall-cmd --zone=public --add-forward-port=port=443:proto=tcp:toport=8181 --permanent
    firewall-cmd --reload 
    
  8. The application is deployed in docroot on the FIDO Policy BOA server. Access it as follows in a browser:

    https://<FQDN-of-Policy-server>/fidopolicy