Ceptor Docs

Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Registration / reset code generation
  • OTP generation, sending and validation
  • Code verification
  • Password change
  • New user registration
  • Sending emails

...

Property

Value

Description

useradminservers

<url>

Default: localhost:15000

URL to useradmin server
ua_userid<userid>Userid to use when authenticating to useradmin server
ua_password<password>Password to use when authenticating to useradmin server
useridpassword.autounlockminutes

<value in minutes>

Default: 0

If nonzero, and user was automatically locked due to too many failed password attempts, he will automatically be unlocked after the specified number of minutes.
useridpassword.maximuminvalidpasswordattempts

<number>

Default: 0

If nonzero, and if invalid login attempts reaches this limit, the user is automatically locked.
registrationmail.smtp.host<hostname>Hostname of SMTP server
registrationmail.smtp.port

<number>

Default: 25

Port number of SMTP server
registrationmail.smtp.protocolDefault: smtpsProtocol to use when connecting to SMTP server
registrationmail.smtp.user

<userid>

Userid to authenticate to SMTP server - can optionally be encrypted/obfuscated - see Encrypting or Obfuscating Passwords
registrationmail.smtp.password<password>Password to use when authenticating with the SMTP server - can optionally be encrypted/obfuscated - see Encrypting or Obfuscating Passwords
registrationmail.from<email address>Email address that the messages are sent from
registrationmail.mimetype<mimetype>Mimetype to send emails with - should be text/plain or text/html
registrationmail.replyto<email address>Reply-to email address
registrationmail.subject<string>Subject of registration email
registrationmail.message<string>Registration email message
registrationmail.reset.subject<string>Subject of password reset email
registrationmail.reset.message<string>Password reset email message
registrationmail.otp.subject<string>Subject of OTP email
registrationmail.otp.message<string>OTP email message

Dynamic Email Message Content

...

After changing the password, it will delete an eventual earlier sent registration code challenge.

Generate OTP email

To send a new One-Time-PIN email, call:

Code Block
Agent.getInstance().newToken( getSessionId(), AuthTypes.AUTHTYPE_EMAIL, "emailotp");

This will lookup the user record, find the registered email address and generate a new one-time pin email to this user.

Before calling this, login with userid and password using the userid/password authentication plugin AuthTypes.AUTHTYPE_USERADMINISTRATION - but before calling login, set the state variable "require_otp" to "true" - if that is set, it will not complete the login, but will wait for a pending 2nd factor to be used.

The OTP will be stored in the session, and is available for use when logging in.

Verify OTP

Verify OTP code previously sent via email

Code Block
Agent.getInstance().login( getSessionId(), AuthTypes.AUTHTYPE_EMAIL, userid, new String[] {otpcode});

This will verify the code against the earlier sent one.

User Administration Server Login Methods

...