Installation - TUPAS Emulator

To install TUPAS Emulator as an authentication method, first install the TUPAS Emulator on your application server, and then set it up for use in Ubisecure Authentication Server.

Before installation

TUPAS Emulator requires the Java 2 Standard Edition (J2SE) run-time environment. The latest version 1.4 of J2SE is recommended for installing and running TUPAS Emulator. TUPAS Emulator uses Java Servlet and JavaServer Pages technology and requires a Servlet/JSP container that implements the JavaServer Pages 1.2 specifications.

System requirements

  • Ubisecure Authentication Server
  • J2SE 1.4.2 SDK or newer
  • Servlet/JSP container with JSP 1.2, such as Apache Tomcat 5.5

Required files

  • methods-tupas.ldif
    • Configuration file from Ubisecure Server Installation
  • tupasemulator.zip or tupasemulator.tar.gz
    • TUPAS Emulator software

Installing TUPAS Emulator

Unpacking the software on Windows

In Windows, unzip the Zip archive into the C:\Ubisecure folder.

Unpacking TUPAS Emulator on Windows
cd /d c:\ubisecure
unzip tupasemulator.zip

The following new files are now unpacked:

  • mergetupasemulator.cmd
  • tupasemulator/tupasemulator.war
  • tupasemulator/WEB-INF/tupas.properties

Unpacking the software on Linux

In Linux, unpack the Tar archive into the /usr/local/ubisecure folder.

Unpacking TUPAS Emulator on Linux
cd /usr/local/ubisecure
gzip -dc tupasemulator.tar.gz | tar xvf -

The following new files are now unpacked:

  • mergetupasemulator.sh
  • tupasemulator/tupasemulator.war
  • tupasemulator/WEB-INF/tupas.properties

Configuration

You can now configure the software by editing the configuration file tupas.properties. Please refer to the Configuration - TUPAS Emulator on for more information about configuring TUPAS Emulator.

If you leave the configuration file intact, TUPAS Emulator will work with default configuration settings (see Appendix: System configuration files).

Deployment

TUPAS Emulator web application is distributed and installed as standard Web Archive (.war) files. A .war file is deployed with Apache Tomcat by copying the .war file to the webapps directory in the Tomcat installation directory.

The .war file in the TUPAS Emulator software package does not contain any configuration settings. Before deployment the configuration file must be merged into the .war file. The TUPAS Emulator software package includes a command to simplify merging the .war file and the configuration file:

Merging on Windows
cd /d c:\ubisecure
mergetupasemulator.cmd
Merging on Linux
cd /usr/local/ubisecure
sh mergetupasemulator.sh

As a result of the merge command the merged .war file is created into the webapps folder. Copy the merged .war file to the webapps directory in the Tomcat installation directory:

Windows
cd /d c:\ubisecure\webapps
copy tupasemulator.war "C:\Program Files\apache-tomcat-5.5.17\webapps"
Linux
cd /usr/local/ubisecure/webapps
copy tupasemulator.war /usr/local/apache-tomcat-5.5.17/webapps

The TUPAS Emulator software is now installed. In order to test if TUPAS Emulator deployment was successful, please refer to After Installation chapter later on this page.

Setting up the Ubisecure Authentication Server

Setting up the Ubisecure LDAP directory

Add an TUPAS Emulator authentication object to your Ubisecure LDAP directory with the import script from Ubisecure Server Installation. You will need the file methods.ldif. After installing UAS according to document Installation - SSO, this file will be in directory c:\Ubisecure\ldap (Windows environment) or /usr/local/ubisecure/ldap (Linux environment). From this file, copy the part that contains "Tupas 2, test" to a new file named tupasemulator.ldif.

Example of tupasemulator.ldif
Tupas 2, Test dn: 
cn=tupas.test.1,cn=Server,ou=System,cn=Ubilogin,dc=localhost
changetype: add 
cn: tupas.test.1
objectClass: top
objectClass: ubiloginAuthMethod 
ubiloginAuthMethodType: Tupas 2
ubiloginClassname: com.ubisecure.auth.login.Tupas2LoginModule
ubiloginConfString: alg 01 
ubiloginConfString: idtype 02
ubiloginConfString: keyvers 0001 
ubiloginConfString: langcode FI
ubiloginConfString: macKey1 LEHTI 
ubiloginConfString: rcvid 87654321
ubiloginConfString: url http://localhost:8080/tupasemulator/
ubiloginConfString: vers 0002
ubiloginEnabled: FALSE
ubiloginTitle: Tupas Test

Choose the import script according to your platform and Ubisecure LDAP directory. Execute the following commands to create the TUPAS Emulator authentication object in the Ubisecure LDAP directory.

Initializing Ubisecure Directory and TUPAS Emulator in Windows
cd /d c:\ubisecure\ldap
openldap\import.cmd tupasemulator.ldif
Initializing Ubisecure Directory and TUPAS Emulator in Linux
cd /usr/local/ubisecure/ldap
sh openldap/import.sh tupasemulator.ldif

Configuring the Ubisecure Server

Start a session with Ubisecure Management and go straight from the top level to page "Global Method Settings". There you should now see entry "TUPAS Test". Open it and set the necessary parameters.

  1. Select the Global Method Settings tab in Ubisecure Management after logging in as administrator
  2. Select the TUPAS authentication method
  3. Choose a Title that will be visible for end users
  4. Set Status enabled
  5. Go to Tupas 2 tab
  6. Set the url where the TUPAS Emulator has been installed

Configuring TUPAS Emulator in Ubisecure Server Management

Leave the other settings as default if your TUPAS Emulator configuration was also default. After completing these settings, Ubisecure Server is configured to use TUPAS Emulator for an authentication method.

After installation

Testing TUPAS Emulator authentication

TUPAS Emulator accepts only HTTP post -requests and does not reply to any HTTP get -requests. In order to test TUPAS Emulator, you have to configure an application, user or group to use TUPAS Emulator authentication method. For more detailed instructions for configuring authentication method for use, please refer to document Management user interface - SSO.

Logging in with the TUPAS Emulator

Please refer to your tupas.properties configuration file for configured usernames and passwords, which enable user access with TUPAS Emulator authentication method.