SOAP Authentication Wrappers

The Authentication component is used to validate one-time password (OTP) values. This component implements a system similar to load balancing, which means that two SOAP servers can be defined in a configuration. If the primary server fails to respond, an attempt will be made with the second one. If the second one fails to respond too, the request is dismissed and the relevant error code is returned.

The AuthenticationBean maps all commands defined in the OneSpan Authentication Server authentication WSDL file.

All methods return high-level objects that wrap the server’s response. All those objects are subclasses of the IdentikeyResponse, which defines methods common to all objects. For a list of different methods defined by this class, see Overview of SOAP wrappers.

The authentication commands return an AuthenticationCommandResponse object that wraps the server’s response.

1-step Challenge/Response

There is no default policy for the 1-step Challenge/Response option. This means that a policy must be edited to successfully allow this option to work.

The SDK Authentication client uses the Authentication Sample Client client component, which is linked to the Identikey Local Authentication policy by default. The Identikey Local Authentication policy must be configured accordingly to allow 1-step Challenge/Response.

To configure OneSpan Authentication Server to allow 1-step Challenge/Response

1. Launch the Administration Web Interface.
2. Navigate to the Policies tab and list the policies.
3. Select the IDENTIKEY Local Authentication policy.
4. In the Challenge tab, set 1-Step Challenge/Response to Yes – Server Challenge.
5. In the DP Control Parameters tab, set Challenge Check Mode to 0 – No Challenge Check.