Developing and Customizing the Sample IDP Captive Portal
The /webapp directory on the SRC application library CD contains the idpPortal.war file. The idpPortal.war file provides:
- Complete source code for the IDP captive portal in the WEB-INF/src directory
- Documentation for the Java classes used in the sample IDP captive portal in the /javadoc directory
For information about expanding the idpPortal.war file, see Configuring Properties for the Sample IDP Captive Portal.
The IDP captive portal uses the SAE CORBA remote
application programming interface (API) to perform actions such as
activating, deactivating, or scheduling services. For information
about the SAE CORBA remote API, see the SAE CORBA remote API online
documentation on the SRC software distribution in the directory SDK/doc/idl/index.html.
The tasks to deploy the sample IDP captive portal
are:
- Configuring Properties for the Sample IDP Captive Portal
- Deploying the Updated WAR File
- Accessing the IDP Captive Portal
- Configuring the Redirect Server to Redirect Traffic to the IDP Captive Portal
Configuring Properties for the Sample IDP Captive Portal
The sample IDP captive portal provided with the
SRC software is designed to be used with the IDP integration implementation
and the sample data. To use the sample IDP captive portal, edit the WEB-INF/portal.props file. The /opt/UMC/idp/idpPortal.war file contains the WEB-INF/portal.props file.
To edit the WEB-INF/portal.props file:
- Copy the idpPortal.war file to a temporary folder, and work in that folder.
- Extract the WEB-INF/portal.props file from the idpPortal.war file.
  jar xvf idpPortal.war WEB-INF/portal.props
- With a text editor, edit the WEB-INF/portal.props file:
  - Review the basic portal properties, and update as needed. See Basic Portal Properties.
  - Review the entries for the SAE locator, and change them as needed to accommodate your SRC configuration. See Locator Properties.
  - Configure properties in the network information collector (NIC) proxy configuration section of the file. For information about the values to configure for NIC properties, see Overview of NIC Proxy Configuration.
- Replace the WEB-INF/portal.props file and any other updated files in the idpPortal.war file.
  jar uvf idpPortal.war WEB-INF/portal.props
Basic Portal Properties
In the WEB-INF/portal.props file, you can modify the following properties. These properties specify
how the portal uses records received from IDP.
Attack.Record.number
- Maximum number of incident records to be stored for use
by the IDP captive portal.
- Value—Integer in the range 1–2147483648
- Default—100
Attack.Record.removeStep
- Number of records to be deleted when the number of records
stored reaches the limit specified by the Attack.Record.number property.
The records are sequentially removed, starting with the oldest record,
then the next oldest, and so forth.
- Value—<number>
- Guidelines—This number must be less than the value
configured for Attack.Record.number.
- Default—10
DateTime.Format
- Format in which to display the date and time of an incident.
- Value—yyyy/MM/dd hh:mm:ss, where yyyy represents
the year, MM the month, dd the day, hh the hour, mm the minute, and
ss the second
- Guidelines—For more information about this property,
including its value see
- Default—No value
<incident-name>
- Name of a parameter that indicates the type of security
incident encountered, and provides a description of the parameter.
- Value—<parameter>=<description>
- Guidelines—Enter the parameter and description in
the section “Attack Name and the corresponding description.”
For information about security parameters, see
the IDP documentation at
- Default—No value
- Example
ICMP.EXPLOIT.FLOOD = Network traffic that is flooded by ICMP Echo Request Packet
TROJAN.AUTOPROXY.INFECTED-HOST = AutoProxy trojan attempts to contact a master server and register the IP address and open ports of the infected host
Attack.Captive.service
- Name of the service for the IDP captive portal. The IDP
management server activates this service for subscribers who receive
or send malicious traffic. If you use a “remind me later”
control on the Web page and the subscriber selects this control,
the portal deactivates this service and schedules service activation
for a later time. If you use a “don't show this page again”
control and the subscriber selects this control, the portal deactivates
this service.
- Value—<service name>
- Default—Quarantine
Attack.showRemindLater
- Specifies whether the IDP captive portal page provides
the Remind me again in field. This field lets subscribers specify
a time at which the portal reminds them of the security incident.
- Value—true or false
- Default—true
Attack.showIgnore
- Specifies whether the IDP captive portal page provides
the Don’t show this page again field. The field lets subscribers
stop display of the captive portal page for incidents that have already
been detected. The portal displays another page when another incident
occurs.
- Value—true or false
- Default—true
Locator Properties
In the WEB-INF/portal.props file, you can modify the following properties. Change these properties
to conform to your configuration.
Factory.locator
- Method that the portal uses to locate the SAE.
- Value
- net.juniper.smgt.ssp.LocalFeatureLocator—Uses the
locally configured object reference
- net.juniper.smgt.ssp.DistributedFeatureLocator—Uses
NIC configuration
- Guidelines—If you specify net.juniper.smgt.ssp.LocalFeatureLocator,
configure a value for LocalFeatureLocator.objectRef.
LocalFeatureLocator.objectRef
- Location of the SAE server.
- Value—Location in one of the following formats:
- Absolute path to the interoperable object reference (IOR)
file in the form file://<absolutePath>
- Corbaloc URL in the format corbaloc::<host>:<port>/SAE
- <host>—IP address or host on which the SAE is
installed.
- <port>—Port used by the SAE on the specified
host. The default is 8801.
- The actual IOR in the form IOR:<objectReference>
- Default—No value
- Examples
DistributedFeatureLocator.locName
- Namespace for the NIC proxy configuration.
- Value—<namespace>
- Default—/, which indicates the root namespace
- Example—DistributedFeatureLocator.locName = /nicProxy
indicates that the NIC proxy configuration is in /nicProxy.
Config.java.naming.provider.url
- Location of the LDAP server.
- Value—ldap://<IP address>:<port number>
- Default—No value
- Example—ldap://127.0.0.1:389
Config.net.juniper.smgt.des.backup_provider_urls
- Location of a backup LDAP server.
- Value—ldap://<IP address>:<port number>, with
more than one URL separated by commas
- Default—No value
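A pre-deployment check for the constraints listed under Basic Portal Properties and Locator Properties, run against portal.props before it is put back into the WAR file. This is an added example, not part of the SRC software; the function names and the sample fragment are constructed, and the parser assumes plain key = value lines with a Unix-style absolute path for file:// references.

```python
import re
LOCATORS = {"net.juniper.smgt.ssp.LocalFeatureLocator",
            "net.juniper.smgt.ssp.DistributedFeatureLocator"}
# file://<absolutePath> (Unix path assumed), corbaloc::<host>:<port>/SAE, or IOR:<ref>
OBJECT_REF = re.compile(r"^(file:///.+|corbaloc::[^:/\s]+:\d+/SAE|IOR:\S+)$")
LDAP_URL = re.compile(r"^ldap://[^:/\s]+:\d+$")

SAMPLE = """\
# constructed fragment: removeStep too large, non-numeric corbaloc port
Attack.Record.number = 100
Attack.Record.removeStep = 100
Factory.locator = net.juniper.smgt.ssp.LocalFeatureLocator
LocalFeatureLocator.objectRef = corbaloc::192.0.2.10:sae/SAE
Config.java.naming.provider.url = ldap://127.0.0.1:389
"""

def parse_props(text):
    """Parse simple 'key = value' lines; '#' and '!' start comment lines."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def check_portal_props(props):
    """Return a list of violations of the constraints documented on this page."""
    problems = []
    number = props.get("Attack.Record.number", "100")      # documented default
    step = props.get("Attack.Record.removeStep", "10")     # documented default
    if not (number.isdecimal() and 1 <= int(number) <= 2147483648):
        problems.append("Attack.Record.number out of range")
    elif not (step.isdecimal() and int(step) < int(number)):
        problems.append("Attack.Record.removeStep must be less than Attack.Record.number")
    for key in ("Attack.showRemindLater", "Attack.showIgnore"):
        if props.get(key, "true") not in ("true", "false"):
            problems.append(key + " must be true or false")
    locator = props.get("Factory.locator")  # assumption: must be set (no default listed)
    if locator not in LOCATORS:
        problems.append("Factory.locator is not a documented locator class")
    elif locator.endswith("LocalFeatureLocator") and not OBJECT_REF.match(
            props.get("LocalFeatureLocator.objectRef", "")):
        problems.append("LocalFeatureLocator.objectRef is missing or malformed")
    urls = [props.get("Config.java.naming.provider.url", "")]
    urls += props.get("Config.net.juniper.smgt.des.backup_provider_urls", "").split(",")
    problems += ["bad LDAP URL: " + u.strip() for u in urls
                 if u.strip() and not LDAP_URL.match(u.strip())]
    return problems
```

Calling check_portal_props(parse_props(SAMPLE)) reports the removeStep and objectRef mistakes; an empty list means the file satisfies the documented constraints.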
Deploying the Updated WAR File
To deploy the updated WAR file for the application:
Accessing the IDP Captive Portal
Access the portal to ensure that you can view the
page and to review the page setup. To access the IDP captive portal:
- Enter a URL in the following form in your Web browser,
and press Enter.
- http(s)://<host>:<port>/idpPortal
Configuring the Redirect Server to Redirect Traffic to the
IDP Captive Portal
To configure the redirect server to redirect Web
requests to the IDP captive portal:
- Follow the instructions for configuring the redirect server
in Overview of the Residential Portal.
- In the /opt/UMC/redir/etc/redir.properties file, specify the URL of the IDP captive portal for the redir.url
property. This entry has the form
redir.url=http(s)://<host>:<port>/idpPortal/PortalDisplay.jsp