Preconditions
- Apache Tomcat 7.0.26 can be downloaded here
- Java JDK 1.6 can be downloaded here
- Eclipse developer IDE for JEE can be downloaded here
- Company / developer has ordered access to the test environment
- (Server setup: Own firewall changed to allow outgoing traffic on port 389. Access through Nets DanID firewal by supplying one or more servers that your requests will originate from.)
- To complete later step regarding using your own company certificate. Company / developer has ordered a test VOCES certificate and issued to a .jks file. See glossary
Walkthrough
1. Download the latest Service provider package Java source
Download latest service provider example application here (danish version)
Calling the PID/CPR webservice and checking certificates is functionality provided by the ooapi project, that is bundled with the example application as a .jar. You can also download the source from the same location that you will download the service provider example application.
2. Creating the project
Create a workspace/directory fx. tu_workspace and unzip the tuexample source to this location. Start Eclipse and choose Switch workspace. Point to the newly created directory/workspace.
Choose File|new|Dynamic web project.
Name your new project tuexample.
Choose New runtime.
Choose Tomcat 7 as your runtime. Dynamic web module version = 3.0 and then Next.
Select Tomcat 7and choose Next.
Browse your Tomcat installation directory and choose Finish.
Add source directories to your web project. Remove Src from source and add src/main/java and src/main/resources. This will add source, certificates and configuration to the classpath.
Set default output folder to WebContent/WEB-INF/classes. Choose Finish.
onfigure the web module settings by setting context root to tuexample and content directory to WebContent. Choose Finish.
3. Running the project locally
Your project is now set up as a web project that can be run on a web server inside the Eclipse IDE.
Right-click your project and choose Run as and Run on server.
Select Tomcat 7 and the default.
To avoid selecting Tomcat 7 on every run, you can check Always use this server when running this project. Choose Next.
Choose Finish to start Tomcat and deploy your project.
You should get the following tuexample startup page.
Selecting either of the demo entrances will load an applet for login or signing.
The default version of the browser that is bundled with this version of Eclipse, might not be able to render the applet. If this is the case then point your favourite browser to http://localhost:8080/tuexample (default Tomcat setup).
You should now be able to sign in users with both private - and employee certificates and also sign documents.
You could experience caching issues when running from eclipse/tomcat. You can verify your deployment by going into:
[your workspace]\.metadata\.plugins\org.eclipse.wst.server.core\tmp0\wtpwebapps.
To create users/identities for test, read the test documentation that can be downloaded from the main TU/service provider page.
4. Running with your own test company certificateYou should request access to the DanID test environment and here you can choose to either have DanID issue your certificate or issue it yourself.
The easiest way is to have your certificate issued in a Java keystore file(.JKS).
Add your new certificate under src/main/resources along with the default test certificate applet-parameter....jks.
Change the configuration:
Edit nemid.properties and set the name of your new keystore file with password and alias if this has changed.
Set your new SPID (service provider id) you will receive this when requesting access to the DanID test environment.
Set logonto - you will choose your own friendly name when requesting access to the DanID test environment. The friendly name will be shown on top of the applet where your users will log in.
Changes to nemid.properties that only affect changing certificate and not environment will be marked with
change when changing certificate inside nemid.properties, except reference to the keystore file and password:
Deploy your application and you should be able to go through the tuexample pages with your new configuration and certificate.
5. Extras and PID
To access extra functionality regarding types of documents to sign or access to the PID test page go to /tuexample/extras/.
Here you can click Test PID to go to the PID test page.
This page will allow you to do match and lookups.
Lookups are only available for Danish Govermental departments so you will most likely be using the match. This will tell you if PID from the users certificate match a CPR.
Screenshot shows how the page looks, but if you login to tuexample first, the PID value will be set from the certificate that you use to login.
6. Going live / into productionTo go into production please follow this guide (danish version)