Deploying Enrollment Server

This chapter explains how to deploy Enrollment Server.

The enrollment server component will need to be customized in case you need to customize the activation process. The customization is described in the tutorial Implementing the Server-Side for Authentication in Mobile Banking Apps (SCA).

Downloading Enrollment Server

You can download the latest enrollment-server.war from the Enrollment Server releases page.

Configuring Enrollment Server

The default implementation of an Enrollment Server has only one compulsory configuration parameter powerauth.service.url that configures the REST service location of a PowerAuth Server. The default value for this property points to localhost:

powerauth.service.url=http://localhost:8080/powerauth-java-server/rest

Configuration of Enrollment Server Functionality

Publishing of Mobile Token endpoints can be enabled or disabled using following configuration property:

enrollment-server.mtoken.enabled=true

The activation spawn functionality can be enabled or disabled using following configuration property:

enrollment-server.activation-spawn.enabled=false

Setting Up REST Service Credentials

(optional) In case PowerAuth Server uses a restricted access flag in the server configuration, you need to configure credentials for the Enrollment Server so that it can connect to the REST service:

powerauth.service.security.clientToken=
powerauth.service.security.clientSecret=

The RESTful interface is secured using Basic HTTP Authentication (pre-emptive). The credentials are stored in the pa_integration table.

Configuring Push Server

The Enrollment Server also allows simple device registration to push notifications by calling PowerAuth Push Server API. While configuring this URL is technically optional, we recommend configuring the push server URL:

powerauth.push.service.url=http://localhost:8080/powerauth-push-server

Deploying Enrollment Server

You can deploy Enrollment Server into any Java EE container.

The default configuration works best with Apache Tomcat server running on default port 8080. In this case, the deployed server is accessible on http://localhost:8080/enrollment-server/.

To deploy Enrollment Server to Apache Tomcat, simply copy the WAR file in your webapps folder or deploy it using the “Tomcat Web Application Manager” application (usually deployed on default Tomcat address http://localhost:8080/manager).

Running Enrollment Server from console using the java -jar command is not supported.

Deploying Enrollment Server On JBoss / Wildfly

Follow the extra instructions in chapter Deploying Enrollment Server on JBoss / Wildfly.

Supported Java Runtime Versions

The following Java runtime versions are supported:

  • Java 8 (LTS release)
  • Java 11 (LTS release)
  • Java 17 (LTS release)

The Enrollment Server may run on other Java versions, however we do not perform extensive testing with non-LTS releases.

Last updated on Jan 24, 2022 (21:47) Edit on Github Send Feedback
Search

1.2.x

Enrollment Server