Author: Pedro Igor
Level: Beginner
Technologies: CDI, PicketLink, JSF
Summary: Basic example that demonstrates how to use two-factor authentication using Time-based One-Time Passwords(TOTP) with a JSF view layer
Source: https://github.com/jboss-developer/jboss-picketlink-quickstarts/
This example demonstrates the use of CDI 1.0 and PicketLink in JBoss Enterprise Application Platform 6 or WildFly.
You'll learn from this quickstart how to use PicketLink to authenticate users using a two-factor authentication with Time-based One-Time Passwords(TOTP).
The application provides a login page from where you can sign in using an username/password and a token.
At your first login, you will be redirect to a page from where you will be able to scan a QR Code. This QR Code can be read by your phone using the Google Authenticator application.
After installing the application in your phone, you should be able to scan the QR Code to configure an account. Your new account will generate tokens every 30 seconds.
Please, check the server where the application is deployed and make sure its date/time is in sync with your phone. Otherwise, the tokens won't be valid. By default, you can provide the same token in a 60 seconds interval. This is fully configurable.
Now you can use the tokens to perform a two-factor based authentication.
The latest PicketLink documentation is available here.
All you need to build this project is Java 6.0 (Java SDK 1.6) or better, Maven 3.0 or better.
The application this project produces is designed to be run on JBoss Enterprise Application Platform 6 or WildFly.
If you have not yet done so, you must Configure Maven before testing the quickstarts.
-
Open a command line and navigate to the root of the JBoss server directory.
-
The following shows the command line to start the server with the web profile:
For Linux: JBOSS_HOME/bin/standalone.sh For Windows: JBOSS_HOME\bin\standalone.bat
NOTE: The following build command assumes you have configured your Maven user settings. If you have not, you must include Maven setting arguments on the command line. See Build and Deploy the Quickstarts for complete instructions and additional options.
-
Make sure you have started the JBoss Server as described above.
-
Open a command line and navigate to the root directory of this quickstart.
-
Type this command to build and deploy the archive:
For EAP 6: mvn clean package jboss-as:deploy For WildFly: mvn -Pwildfly clean package wildfly:deploy -
This will deploy
target/picketlink-authentication-two-factor.warto the running instance of the server.
The application will be running at the following URL: http://localhost:8080/picketlink-authentication-two-factor.
-
Make sure you have started the JBoss Server as described above.
-
Open a command line and navigate to the root directory of this quickstart.
-
When you are finished testing, type this command to undeploy the archive:
For EAP 6: mvn jboss-as:undeploy For WildFly: mvn -Pwildfly wildfly:undeploy
You can also start the server and deploy the quickstarts from Eclipse using JBoss tools. For more information, see Use JBoss Developer Studio or Eclipse to Run the Quickstarts
If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them.
mvn dependency:sources
mvn dependency:resolve -Dclassifier=javadoc