This project is a basic service provider web application written in Java to work with StrongKey FIDO Server (SKFS), Community Edition. This project also includes sample JavaScript files providing a basic user interface to test FIDO2 registration and authentication.
Prerequisites
- This service provider web application example must have a means of connecting with a StrongKey FIDO2 Server; install a FIDO2 Server either on the same machine as a service provider web application or a different one
- A Java web application server; these instructions are based on using Payara (GlassFish)
- The instructions assume the default ports for all the applications installed; Payara runs HTTPS on port 8181 by default, all firewall rules allow that port to be accessible
- The sample commands below assume this service provider web application is installed on the same machine where the StrongKey FIDO2 Server has been installed; if installing on a separate machine, the commands may have to be adjusted accordingly
Installation Instructions
-
Switch to (or login as) the strongkey user. The default password for the strongkey user is ShaZam123.
su - strongkey -
Create the following directories to configure the WebAuthn servlet home folder.
mkdir -p /usr/local/strongkey/webauthntutorial/etc -
Create a configuration file for the service provider web application to configure a FIDO2 Server.
echo "webauthntutorial.cfg.property.apiuri=https://$(hostname):8181" > /usr/local/strongkey/webauthntutorial/etc/webauthntutorial-configuration.properties -
Download the service provider web application .war file basicdemo.war.
wget https://sourceforge.net/projects/strongkeyfido/files/v4.12.0/sampleapps/java/basic/basicdemo.war -
Add the .war file to Payara.
payara5/glassfish/bin/asadmin deploy basicdemo.war -
Test that the servlet is running by executing the following cURL command and confirming that the API Web Application Definition Language (WADL) file is returned in response.
curl -k https://localhost:8181/basicdemo/fido2/application.wadl
Upgrade Instructions
This project is a basic service provider web application written in Java to work with StrongKey's FIDO2 Server, Community Edition. This project also includes sample JavaScript files providing a basic user interface to test FIDO2 registration and authentication.
-
Switch to (or login as) the strongkey user. The default password for the strongkey user is ShaZam123.
su - strongkey -
Change the name of the configuration file.
mv /usr/local/strongkey/webauthntutorial/etc/webauthntutorial.properties /usr/local/strongkey/webauthntutorial/etc/webauthntutorial-configuration.properties -
Open any text editor (Ex: vi) to edit the configuration file and update the "webauthntutorial.cfg.property.apiuri" property. (the /api is being removed at the end of the URL)
webauthntutorial.cfg.property.apiuri=https://$(hostname):8181 -
Download theservice provider web application .war file basicdemo.war.
wget https://sourceforge.net/projects/strongkeyfido/files/v4.12.0/sampleapps/java/basic/basicdemo.war -
Undeploy the old version and deploy the new .war file to Payara.
payara5/glassfish/bin/asadmin undeploy basicserver payara5/glassfish/bin/asadmin deploy basicdemo.war -
Test that the servlet is running by executing the following cURL command and confirming that the API Web Application Definition Language (WADL) file is returned in response.
curl -k https://<FQDN-of-Policy-server>:8181/basicdemo/fido2/application.wadl
Removal
To uninstall the service provider sample web application, follow the uninstall instructions here. Removing SKFS also removes the sample service provider web application and sample WebAuthn client.
Contributing to the Sample Service Provider Web Application
If you would like to contribute to the sample service provider web application project, please read CONTRIBUTING.md, then sign and submit the Contributor License Agreement (CLA).
Licensing
This project is currently licensed under the GNU Lesser General Public License v2.1.