NemID authentication

From TempusServa wiki
Revision as of 14:07, 13 December 2017 by old>Admin (→‎Authentication component)

Setting up NemID

Topology considerations

NemID authentication is handled by an external component that a Tempus Serva platform communicates with.

The component communicates by redirecting via URLs.

  • The NemID component does not need to be installed in the same place as the Tempus Serva installation.
  • Multiple Tempus Serva servers or instances can share the same NemID component

Authentication component

Install NemID component

Copy the NemID.war file to <webroot>

Check that the file is deployed successfully

Get hold of your certificate

You will have received an email with credentials for issuing the company certificate:

Nets guide to certificate issuing (Danish)

Choose "Java keystore" as certificate type and remember to write down the password.

Add certificate to NemID component

Upload the certificate to the server at <webroot>/NemID/WEB-INF/classes/

Now edit <webroot>/NemID/WEB-INF/classes/nemid.properties

  • nemid.applet.parameter.signing.keystore
  • nemid.applet.parameter.signing.keystore.password
  • nemid.applet.parameter.signing.keystore.alias
  • nemid.applet.parameter.signing.keystore.keypassword

Both passwords are the one chosen earlier.
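
A check to run on the server after editing nemid.properties, as an added example that is not part of the original wiki page or of Tempus Serva: it confirms the four keys are set, that the keystore file exists, and that neither file is accessible to other local users, since the properties file holds both passwords in clear text. It assumes a POSIX file system and that the keystore value is a file name relative to the classes directory.

```python
import stat
import sys
from pathlib import Path

PREFIX = "nemid.applet.parameter.signing."
REQUIRED = [PREFIX + s for s in
            ("keystore", "keystore.password", "keystore.alias", "keystore.keypassword")]

def parse_properties(text):
    """Minimal Java .properties reader: key=value / key:value, '#' and '!' comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        for i, ch in enumerate(line):
            if ch in "=:":
                props[line[:i].strip()] = line[i + 1:].strip()
                break
    return props

def check_nemid_config(classes_dir):
    """Return findings for <webroot>/NemID/WEB-INF/classes/ (empty list = OK)."""
    classes_dir = Path(classes_dir)
    prop_file = classes_dir / "nemid.properties"
    if not prop_file.is_file():
        return ["nemid.properties not found"]
    props = parse_properties(prop_file.read_text(encoding="iso-8859-1"))
    findings = [f"missing or empty: {k}" for k in REQUIRED if not props.get(k)]
    sensitive = [prop_file]          # holds both passwords in clear text
    keystore = props.get(REQUIRED[0])
    if keystore:
        # Assumption: the value is a file name relative to classes/, where the
        # page says the certificate is uploaded (an absolute path also works).
        ks_path = classes_dir / keystore
        if ks_path.is_file():
            sensitive.append(ks_path)
        else:
            findings.append(f"keystore file not found: {keystore}")
    for path in sensitive:
        # Any permission bit for "other" exposes the signing key or its password.
        if path.stat().st_mode & stat.S_IRWXO:
            findings.append(f"accessible to other users: {path.name}")
    return findings

if __name__ == "__main__":
    # Pass the classes directory as the first argument (defaults to the current one).
    problems = check_nemid_config(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("\n".join(problems) or "nemid.properties and keystore look sane")
    sys.exit(1 if problems else 0)
```

The script exits non-zero when it reports a finding, so it can gate a deployment step.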

Set server reference to NemID component

Please check that you have a URL for the NemID component. Example:

 /NemID/tslogin/log-ind-med-javascript.jsp

Now set the server to the correct URL

  1. Log in to designer
  2. Select Modules > Configuration
  3. Find authenticationNemidService
  4. Update the URL

Applying NemID authentication

Activate NemID in interfaces

In a solution web interface, set "Authentication" to "NemID"

Configuring field mapping

Field mappings will copy values from the authentication process to fields in records

Set the following server configuration to true

  • propertiesSetValues

For the fields that should contain NemID authentication values

  1. Edit field
  2. Click Assignment
    • Check Readonly
    • Set name of attribute (ex. fname)