Installation of OneSpan User Websites on Linux

OneSpan User Websites can be installed and automatically configured with the setup packages provided for the supported distributions, i.e. the OneSpan User Websites Setup for Red Hat Enterprise Linux (.rpm) and Ubuntu Server (.deb).

The OneSpan User Websites Setup includes an embedded Apache Tomcat web server. If you want to use an existing web server, you need to deploy OneSpan User Websites manually (see Deploy and configure OneSpan User Websites manually (Optional)).

OneSpan User Websites can be installed with the following options:

  • Local. OneSpan User Websites and OneSpan Authentication Server are installed on the same server.
  • Remote. OneSpan User Websites is installed and deployed standalone, i.e. OneSpan Authentication Server and OneSpan User Websites are installed on separate servers.

Before you begin

  • Ensure that you have successfully installed OneSpan Authentication Server.
  • Ensure that at least one of the default ports used by Apache Tomcat is not used by another program, i.e. port 8443 or 9443. The setup package tests whether the ports are in use and automatically binds Apache Tomcat to the first unused port.
  • Ensure that you are logged on using a user account with sufficient administration privileges on the machine to run the installation.

Installation of OneSpan User Websites on Linux

To install OneSpan User Websites on Linux (locally)

  1. Open a terminal.
  2. Log in as root using the hyphen option (su -). This ensures that you load the root profile, not the default profile.

  3. Insert the OneSpan Authentication Server product CD and navigate to the following folder:

    cd_drive/OneSpan User Websites

  4. Launch the OneSpan User Websites script.

    1. Locate the install script install-uws.sh, and run the following command:

      ./install-uws.sh

      The install script will guide you through the installation.

    2. Use Space to scroll through the OneSpan license agreement and type yes to accept it.

    3. Press Enter to start the installation.

      Both the Virtual Mobile Authenticator OTP Request Website and User Self-Management Website are automatically installed. To disable one of the sites, you must disable the relevant .war file (selfmgmt.war or votp.war) in the Apache Tomcat configuration file server.xml.

      By default, this file is located in /opt/onespan/uws/tomcat/conf.

      At least one website must be enabled!

      OneSpan User Websites is being installed. If OneSpan Authentication Server has already been installed, OneSpan User Websites is configured to use the local OneSpan Authentication Server instance automatically. If OneSpan Authentication Server has not been installed, OneSpan User Websites remains unconfigured and you need to configure it manually (see Additional tasks).

To install OneSpan User Websites on Linux (remotely)

  1. On the remote server, open a terminal.

  2. Change to the folder on the product CD where the OneSpan User Websites Setup is located:

    cd_drive/OneSpan User Websites

  3. Run the following command:

    ./install-uws.sh

    OneSpan User Websites is installed with the specified server parameters to configure the connection to the OneSpan Authentication Server instance.

    If a connection to the OneSpan Authentication Server instance cannot be established, OneSpan User Websites is installed but not configured.

Additional tasks

If the OneSpan User Websites Setup does not detect OneSpan Authentication Server, OneSpan User Websites is not configured. If you install OneSpan Authentication Server on the same computer later, you need to configure OneSpan User Websites after the installation manually.

To configure OneSpan User Websites manually

  1. Open a terminal and navigate to the OneSpan User Websites installation folder, by default /opt/onespan/uws.

  2. Run the following command:

    admintool type website autoadd nameurl

    where:

    • website is the website to configure, i.e. selfmgmt for User Self-Management Website and votp for Virtual Mobile Authenticator OTP Request Website. If you deploy both websites, you need to run the command twice with different parameters for type.
    • name is the parameter to set an instance of OneSpan Authentication Server as primary or backup server. Possible values are primary or backup.
    • url is the IP address including the SOAP port of the OneSpan Authentication Server instance in URL format, e.g. https://10.2.2.15:8888.

A server record for OneSpan Authentication Server is created. Any available SSL certificates are added to the OneSpan User Websites trust store.

Next steps

  • If required, verify and perform any post-installation task that is necessary to complete the installation.

Uninstall OneSpan User Websites on Linux

To uninstall OneSpan User Websites on Linux, run the following command from the CD drive:

./uninstall-uws.sh

Related Tasks

Configure Open Firewall Ports

Register OneSpan User Websites in OneSpan Authentication Server

Configure Primary and Backup OneSpan Authentication Server Instances

Considerations for Setting Up User Self-Management Website for Self-Assignment