Versions Compared

Old Version 3

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.3

...

  1. Open the Ubisecure Management application.
  2. Select Global Method Settings and click the New Method... button.

  3. Add New Method window opens.
    Give the method a title (external name visible to end users) and name (name for internal use).
    Set the title to SMS
    Set the name to ubikey.sms.1
    Set the method type to SPI Mobile Phone. The Method Class is automatically selected.
    A directory must be selected, from which contains the user's password and registered telephone number. Select the Directory from the drop down list.
    Press OK.

    Expand
    titleShow image

    Figure 1. Adding a new SMS method to Ubisecure SSO
  4. In the Main page of the new method, select the Enabled checkbox to activate the new method.

  5. Add the following lines to the Configuration String field:

    Code Block
    languagetext
    policy.password.encoding={SSHA}
policy.password.protocol=UbiloginDirectory
password-name=password.1
directory.schema=UbiloginDirectory

    In this example password.1 will be used as the source for username, password and mobile phone number.

  6. Click SPI Mobile Phone tab. Enter the URL of the SMS service.The variable {mobile} will be replaced with the users mobile number from the user directory.

    The variable {challenge} will be replaced with the text to be displayed on the mobile phone.

    Example:  http://sms-service-.com/sms/sendsms?to= {mobile}&content={challenge}

    Click Update.

    Note

    NOTE: Be sure that the configured HTTP server in URL parameter answers as HTTP status code 200 (The request has succeeded). All other response codes will be interpreted as a failure situation and the SMS authentication will not succeed. Configurable error will be shown to the user.

    Figure 2. Defining the SMS Gateway URL for sending an SMS


    Note

    NOTE: This http address must be reachable from this and any other configured nodes.

  7. Configure UI Text and SMS text

    The variable {challenge} will be replaced with the text to be displayed on the mobile phone. The message used can be set using the tag SMS_TEXT in the localization files, for example uas.properties. Please refer to the  Login user interface customization - SSO .

    Code Block
    languagetext
    titleCustomizing and localizing message text
    SMS_TEXT = Your one time password is {0}
    • Info
      titleSSO 8.3.23

      In SSO version 8.3.2 3 a new parameter for the message key was added: {1}

      By default, SSO formats the one-time password in four number sequences. In case you want to omit this kind of formatting, you can define the message key {1} instead of the standard {0}. The message key {1} always holds a plain version of the one-time password.

      Code Block
      languagetext
      titleCustomizing and localizing message text
      SMS_TEXT = Your one time password is {1}

    Configure remaining UI text and to match system, branding and language requirements.

  8. The method is now installed. Complete the configuration and access control.

...

After completing these settings, Ubisecure Server is configured to use unregistered SMS as an authentication method.

Additional parameters

Info
titleSSO 8.3.3

In SSO version 8.3.3 token formatting parameters were added.

tokenPattern

The tokenPattern parameter is defined in the authentication method's Configuration String view. This parameter defines how the one-time password should be formatted in a friendly way that is easy for a person to process. Acceptable values hold only pound characters (#) and spaces, where each pound sign represents an individual number from the one-time password and spaces represent themselves, any other characters in configuration string will revert to default behavior. One-Time passwords consist typically of 8 numbers that are printed in 4-number sequences (e.g. 1234 5678). In case you want to sequence them differently, you can use the tokenPattern configuration option to produce any kind of sequencing. For example, the configuration: "tokenPattern=## ### ## #" would change the formatting of the one-time password "1234 5678" to "12 345 67 8".

tokenLength:

The generated token's length is, by default, 8 digits. This can be modified using the tokenLength parameter. Generated tokens are split, by default, to sequences of four digits in order to make the token more easy to copy. Note that spaces are completely disregarded in token validation - they are there only to make the process more user friendly. The minimum allowed length is 4 digits - if the token is parameterized any shorter, then the default value will apply.

After Installation

Configuring Ubisecure SMS for Users and Web Applications

...