Passwordless X1280 - Applied Theory Education

Passwordless X1280 Training Overview

Introduction to Passwordless X1280

  • Greetings from Byung-geun Park, Director at DualAuth, introducing the training materials for Passwordless X1280. The focus will be on applying the service to a web application.
  • An overview of the content structure is provided, including steps for service application and a visual explanation of the service structure using diagrams. A separate video will cover practical training in detail.

Service Application Process

  • The process consists of three main stages:
  1. Service Registration: Registering application information and domain approval.
  2. Server Installation: Setting up the Passwordless X1280 server via Docker.
  3. Web Application Integration: Applying the service through UI or RESTful API methods; this video focuses on RESTful API provision.

User Authentication Flow

  • When a user attempts to log in, the web server communicates with the authentication server to generate an automatic password, which is displayed on both the web page and the mobile device. This triggers biometric verification, which completes authentication.
  • After verification, the user authentication data is sent back to the web application server, which can then complete the login and carry out subsequent tasks.
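
The flow above, modelled as an added example (not code from the video or from the Passwordless X1280 project). It assumes a per-user secret shared with the app at registration and uses an HMAC over a time window as a stand-in for the automatic password; the class and function names are hypothetical, and none of this is the X.1280 wire protocol or REST API.

```python
import hashlib
import hmac
import secrets

# Simplified model of the login flow; NOT the X.1280 wire protocol or API.
# Assumptions: a per-user secret shared at app registration, and an
# HMAC-over-time-window code standing in for the "automatic password".
WINDOW = 60  # seconds a code stays valid (constructed value)


def auto_password(secret: bytes, user: str, now: float) -> str:
    """Six-digit code both the auth server and the app can derive."""
    msg = f"{user}:{int(now // WINDOW)}".encode()
    mac = hmac.new(secret, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"


class AuthServer:
    def __init__(self):
        self.keys = {}     # user -> shared secret
        self.pending = {}  # session id -> [user, issued_at, approved]

    def register(self, user: str) -> bytes:
        self.keys[user] = secrets.token_bytes(32)
        return self.keys[user]  # provisioned to the mobile app once

    def start_login(self, user: str, now: float):
        sid = secrets.token_hex(8)
        self.pending[sid] = [user, now, False]
        return sid, auto_password(self.keys[user], user, now)

    def approve(self, sid: str) -> None:
        self.pending[sid][2] = True  # app reports a successful check

    def result(self, sid: str, now: float) -> bool:
        _, issued, approved = self.pending[sid]
        return approved and now - issued < WINDOW


def app_confirms(secret, user, shown_on_web, biometric_ok, now) -> bool:
    """Mobile side: approve only if the web page shows the expected code."""
    expected = auto_password(secret, user, now)
    return biometric_ok and hmac.compare_digest(expected, shown_on_web)


def login(server, secret, user, shown_override=None, biometric_ok=True, t0=1_700_000_040):
    sid, code = server.start_login(user, t0)
    if app_confirms(secret, user, shown_override or code, biometric_ok, t0 + 5):
        server.approve(sid)
    return server.result(sid, t0 + 10)
```

`login()` returns True only when the code shown on the web page matches the one the app derives, the biometric check passes, and the web server reads the result inside the validity window.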

Detailed Service Registration Steps

Membership Registration Process

  • Users access the Passwordless Members Site URL, register for membership, and install the Passwordless X1280 app on their mobile device before creating an account within it. Afterward, they can log into the Members Site successfully.

Adding Services

  • Post-login, users can add services by verifying their domain address within the Members Site:
  • Clicking "Sign up" prompts email entry for registration.
  • A verification email is sent upon clicking "Register," which can be resent if necessary.
  • Verification leads users back to account registration via a link in their email message.

QR Code Scanning for Account Setup

  • Users scan a QR code with the mobile app's camera function to complete account registration. After logging into the Members Site again, they can add services in either Normal mode or Test mode (available for development purposes).

Normal Mode vs Test Mode

Normal Mode Details

  • In Normal mode:
  • Service Name: Designation used for reference.
  • Service Domain: URL connecting to actual web applications.
  • Private IP Address: IP address recognizable by the authentication servers (internal or public).
  • Passwordless Server Domain: Domain receiving authenticated results from user devices.

This mode requires business registration documentation to be uploaded as proof of entity operation, along with a region selection based on location (e.g., 'Asia' if located in Korea). Upon completion, a domain verification token is generated; the domain administrator must publish it as a DNS TXT value for validation before the service is marked as "in use." The license key file becomes downloadable once verification is complete.

Test Mode Insights

  • In Test mode:
  • Similar information input as Normal mode but allows flexibility without duplicate checks on IP/domain addresses.
  • Validity lasts only for fifteen days post-registration without notification messages sent regarding expiration dates—ideal for development practice purposes only.

Installation and Configuration of Passwordless X1280 Server

Test Mode Registration

  • In Test mode, the service is registered as "In Use" without domain verification or Trust Member approval. Users can download the license key file directly.
  • The registration process for the Members Site has been completed, leading to the installation of the Passwordless X1280 server using Docker.

Docker Installation Process

  • The Passwordless X1280 server can be installed in any environment that supports Docker. A demonstration will focus on installing it on a Rocky Linux Server.
  • After installing Docker, users must configure network settings by executing a specific Docker run command from the Passwordless X1280 Single page on Docker Hub.

Network and Firewall Configuration

  • If not using a certificate, set USE_SSL to False; otherwise, further instructions will follow. Ensure that necessary ports are allowed through the Rocky Linux firewall before restarting Docker.
  • Verify successful installation by checking connections for Docker's network and confirming installations of various servers: authentication server, User Connection Server, and Push Request Server.

Certificate Management

  • For those using certificates with the Passwordless Server, an issued certificate for its domain is required to create a Tomcat keystore file.
  • Copying certificate files into the Docker container involves locating the container ID and creating an SSL folder within it before restarting Docker.

Administrator Access and Initial Setup

  • Upon accessing the administrator page for the authentication server, upload your saved license key file. The initial login credentials are admin/admin but can be changed later.
  • Save both the server ID and the key value after logging in; these are essential for future web application integration. Note that a new key is generated each time you click "Server Key Issuance."

Web Application Integration Options

  • Users can choose between UI provision (pre-built default UI with no modifications allowed) or RESTful API methods (customizable design requiring additional coding).

Login Method Classifications

  • There are two classifications: combined methods allow existing password use alongside Passwordless Login; separated methods do not permit this. Reverting to password usage in separated methods requires deactivating the Passwordless account first.

Repository Examples for Web Applications

  • Service registration and server installation processes conclude here; examples available on GitHub include Java, ASP, PHP, React repositories among others.

Applying Java API in Web Application Development

Cloning Repository

  • Clone the Java REST API web service from the GitHub repository to initiate web application development. A detailed demonstration will follow in subsequent content.

Authentication Features

  • On the Authentication Server Administrator page, select "REST" as your API usage type. The created web application features membership registration along with both Password Login and Passwordless Login capabilities.

Sample Project Functionality

  • This sample project supports functionalities such as password changes and account deactivation while allowing testing of both login types through user-friendly buttons like Sign-Up for traditional logins or registering via Passwordless App.

Account Registration Process

  • After registering an account in the Passwordless App through provided options, users can authenticate using automatic passwords generated by servers compared against those from their apps.

Passwordless Authentication Demonstration

Overview of Passwordless Login Process

  • The demonstration begins with the installation of a mobile app to verify the operation of Passwordless authentication. Users enter their account details and proceed to log in.
  • Upon login, the server generates an automatic password that is displayed on both the web page and the user's mobile device.
  • After entering their credentials, users complete authentication through biometric verification, which facilitates a seamless login experience.

Features of the Sample Web Application

  • The sample web application includes most necessary coding for authentication processes, allowing users to explore various features thoroughly.
  • A demo website is available where users can freely test functionalities such as sign-up, deactivation, and Passwordless Login processes.

Video description

International Standard Technology ITU-T X.1280 Passwordless X1280
1. Applied Theory Education

  • 02:33 - Service registration process
  • 07:18 - Passwordless server installation process
  • 10:16 - Administrator page setup on the installed server
  • 12:02 - Web application deployment process

  • Demo Application: http://app-edu.filingcloud.com/
  • GitHub: https://github.com/PasswordlessAlliance
  • Passwordless Alliance Website: http://passwordlessalliance.org
  • Passwordless Members Website: http://members.passwordlessalliance.org
  • Collection of Passwordless X1280 Development-Related Files Links: https://drive.google.com/drive/u/0/folders/1mBG_JQSjsVHILC-kkQlS9YCt8owXADZk
  • Dockerhub Website: https://hub.docker.com/r/dualauth/passwordless-x1280-single