Code Integration

After installing the SDK and configuring OneSpan Authentication Server accordingly (see Configure OneSpan Authentication Server for SDK integration), you need to configure the website you want to integrate the SDK with.

These settings should be applied to the controller.properties file:

• For a web application, the file should be located in the WEB-INF/classes directory.
• For a console or GUI application, the file should be located in the root directory of the JAR file.
• A custom file location can also be specified when instantiating the class com.vasco.identikey.controller.ConfigurationBean.

soap.host.primary = https://localhost:8888
soap.host.backup = https://localhost:8888

# Component type definitions
component.type.authentication = Authentication Sample Client
component.type.signature = Signature Sample Client

# valid values are : 4 (Cleartext/separate) or 0 (Cleartext/combined)
password.format = 0

The value of component.type.authentication should match the client type used by the client component created for the integrated website (see Configure OneSpan Authentication Server for SDK integration). For more information about these settings, see  Sample website configuration file.

Required dependencies

Once you have installed the SDK and configured OneSpan Authentication Server and the integrated website, add the following dependencies to the integrated website:

• The OASAuthSoapClient artifact provided in sdk_install_dir/java_platform/bin.
• The OASAuthSoapWrapper artifact provided in sdk_install_dir/java_platform/bin.
• The ImageGeneratorSDK artifact provided in the local Maven repository under sdk_install_dir/java_platform/bin/m2repository.
• The UtilitiesSDK artifact provided in the local Maven repository under sdk_install_dir/java_platform/bin/m2repository.
• Apache Commons Logging, version 1.2, available at https://mvnrepository.com/artifact/commons-logging/commons-logging/1.2.

java_platform denotes the respective Java platform, i.e. either Jakarta or Java.

Creating a logon form

Add the following code snippets to the webpage, which displays the logon form. For the user ID (required):

<input type="text" size="20" maxlength="16" title="User ID" name="CREDFLD_USERID"/>

For the domain (required):

<input type="text" size="20" maxlength="16" title="Domain" name="CREDFLD_DOMAIN"/>

You will also need to add a field for the one-time password (OTP). The following field is required for OTP logins:

<input type="text" size="20" maxlength="20" title="OTP" name="CREDFLD_DP_RESPONSE"/>

The following snippet is for the server PIN, typically used with authenticators without keypad:

<input type="password" size="20" maxlength="8" title="PIN" name="CREDFLD_CURRENT_PIN"/>

The following field is needed if any users will need to log in using a static password:

<input type="password" size="20" maxlength="20" title="Password" name="CREDFLD_STATIC_PASSWORD"/>

Users might need to log in with a static password in the following cases:

• Staged deployment of a Digipass solution
• There is a delay between assignment of an authenticator and the delivery of the authenticator to the user (grace period in use)
• Users must log in using both their password and an OTP

A host code field may also be used to authenticate the website to the user after the login. The host code matches the code generated by the user's authenticator and provides visual confirmation that they have not been directed to the incorrect site. This functionality is not supported by every type of authenticator.

<input type="checkbox" class="bool" title="Request Host Code" name="CREDFLD_REQUEST_HOST_CODE"/>

Creating a logon target page

Add the following code to the page which handles the submitted form data:

<%@ page import="com.vasco.identikey.model.Credentials" %>
<%@ page import="com.vasco.identikey.controller.IdentikeyError" %>
<%@ page import="com.vasco.identikey.controller.authentication.AuthenticationCommandResponse" %>

<jsp:useBean id="authenticationBean" class="com.vasco.identikey.controller.authentication.AuthenticationBean" scope="page" />

<%
  // Credentials have been provided, now perform the request
  String userID = Request["CREDFLD_USERID"];
  String domain = Request["CREDFLD_DOMAIN"];
  String pin = Request["CREDFLD_CURRENT_PIN"];
  String dpResponse = Request["CREDFLD_DP_RESPONSE"];
  String password = Request["CREDFLD_STATIC_PASSWORD"];
  Boolean rhc = (Boolean)"on".equals(Request["CREDFLD_REQUEST_HOST_CODE"]);
  
  // Execute the command
  AuthenticationCommandResponse results = authenticationBean.authUser(domain, userID, pin, dpResponse, password, reqHostCode);

  if (results.getReturnCode() == 0) {
    Credentials credentials = results.getResults();
    String hostVerificationId = credentials.getHostCode();
%>
    // If using the request host code feature, the host verification code should be displayed before continuing.
    // Redirect the user to the secure pages
<%
  } else {
    // Redirect to an error page; this should display any errors returned by the authentication server
  }
%>

After integrating all the required code, complete the WAR file and re-deploy your website.