3 Tutorials - Reference Documentation
Authors: Sami Mäkelä
Version: 1.1.1
3 Tutorials
Here you can find examples of how to use this plugin.

3.1 Radius authentication using Mobile-OTP
Mobile-OTP is a free "strong authentication" solution for mobile devices like phones or PDAs.
Using static passwords for authentication, as is commonly done, has quite a few security drawbacks: passwords can be guessed, forgotten, written down and stolen, eavesdropped or deliberately told to other people. A better, more secure way of authentication is the so-called "two-factor" or "strong authentication" based on one-time passwords. Instead of authenticating with a simple password, each user carries a device ("token") to generate passwords that are valid only one time.

3.1.1 MOTP Server
In this tutorial we are using Mobile-OTP Authentication Server (MOTP-AS) as our server.
It's a full-blown RADIUS server specifically for Mobile-OTP. Features include:
- authenticating users by RADIUS (and optionally PAM or Apache)
- SQL database for user/device configuration
- Administration Web Interface (for admins and users)
3.1.1.1 Configuration
After you have installed MOTP-AS, follow these steps.
- Log in to the MOTP-AS administration web interface (username: admin, password: motp).
- Go to SYSTEM -> RADIUS -> RADIUS CLIENTS
- Add new client:
  - Name: Name of your client (without spaces)
  - Secret: Your shared secret
  - IP: IP address of the machine where the Grails application is going to be running
- Go to ADMINISTRATION -> USERS
- Add new user:
  - User: Username of the user
  - Name: Name of the user
  - Role: User
- Go to ADMINISTRATION -> DEVICES
- Add new device:
  - Name: Name of the device
  - Secret: Your mobile client's shared secret (e.g. mobilephone)
  - Timezone: Leave blank
- Go to ADMINISTRATION -> ACCOUNTS
- Add new account:
  - User: Choose the user you created
  - PIN: Your mobile client's PIN (e.g. 1234)
  - Device: Choose the device you created
3.1.2 MOTP Client
I recommend these clients for using MOTP:
- iPhone: iOTP
- Android: DroidOTP
For other platforms, go to the MOTP web site.
Next, you have to configure in the client the same shared secret that you created for the device in the server configuration.

3.1.3 MOTP and Grails application
All you need to do is install the "grails-spring.security-radius" plugin and add a minimal configuration to grails-app/conf/Config.groovy.
After that you can start authenticating with one-time passwords.
Please make sure your mobile client's and MOTP server's clocks are synchronized!
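
The clock requirement follows from how a Mobile-OTP password is derived: the first six hex digits of an MD5 hash over the current 10-second time period, the device secret and the PIN. The Python code below is an added example, not code from this plugin or from MOTP-AS; it shows generation and a skew-tolerant server-side check. The 180-second tolerance, the function names and the timestamps are assumptions made for illustration, while the secret and PIN are the example values from the configuration steps above.

```python
import hashlib
import hmac

STEP = 10  # Mobile-OTP time granularity in seconds


def motp(epoch: int, secret: str, pin: str) -> str:
    """Mobile-OTP value: first 6 hex digits of MD5(period + secret + PIN)."""
    period = epoch // STEP
    material = f"{period}{secret}{pin}".encode("utf-8")
    return hashlib.md5(material).hexdigest()[:6]


def verify(otp: str, server_epoch: int, secret: str, pin: str,
           max_skew: int = 180) -> bool:
    """Server-side check: accept the OTP if it matches any 10-second period
    within +/- max_skew seconds of the server's own clock.
    max_skew=180 is an assumed tolerance, not a documented MOTP-AS default."""
    candidate = otp.strip().lower().encode("utf-8")
    matched = False
    for offset in range(-max_skew, max_skew + 1, STEP):
        expected = motp(server_epoch + offset, secret, pin).encode("utf-8")
        # Constant-time comparison; keep looping so timing does not reveal the match.
        matched |= hmac.compare_digest(expected, candidate)
    return matched


def clock_drift_demo() -> dict:
    """Constructed scenario: same secret/PIN on both sides, phone clock drifting."""
    secret, pin = "mobilephone", "1234"   # example values from the tutorial steps
    server_now = 1_700_000_000            # constructed server time (Unix epoch)
    results = {}
    for drift in (0, 120, 600):           # phone clock ahead by N seconds
        otp = motp(server_now + drift, secret, pin)
        results[drift] = verify(otp, server_now, secret, pin)
    return results


if __name__ == "__main__":
    for drift, accepted in clock_drift_demo().items():
        print(f"phone clock +{drift:>3}s -> accepted: {accepted}")
```

A phone that is two minutes fast still authenticates under the assumed tolerance, while one that is ten minutes fast is rejected even though the secret and PIN are correct.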