Developing and Customizing the Sample IDP Captive Portal
The /webapp directory on the SDX application library CD contains the idpPortal.war file. The idpPortal.war file provides:
- Complete source code for the IDP captive portal in the WEB-INF/src directory
- Documentation for the Java classes used in the sample IDP captive portal in the /javadoc directory
For information about expanding the idpPortal.war file, see Configuring Properties for the Sample IDP Captive Portal.
The IDP captive portal uses the SAE CORBA remote application programming interface (API) to perform actions such as activating, deactivating, or scheduling services. For information about the SAE CORBA remote API, see the SAE CORBA remote API online documentation on the SDX software distribution in the directory SDK/doc/idl/index.html.
The tasks to deploy the sample IDP captive portal are:
- Configuring Properties for the Sample IDP Captive Portal
- Deploying the Updated WAR File
- Accessing the IDP Captive Portal
- Configuring the Redirect Server to Redirect Traffic to the IDP Captive Portal
Configuring Properties for the Sample IDP Captive Portal
The sample IDP captive portal provided with the SDX software is designed to be used with the IDP integration implementation and the sample data. To use the sample IDP captive portal, edit the WEB-INF/portal.props file. The /opt/UMC/idp/idpPortal.war file contains the WEB-INF/portal.props file.
To edit the WEB-INF/portal.props file:
- Copy the idpPortal.war file to a temporary folder, and work in that folder.
- Extract the WEB-INF/portal.props file from the idpPortal.war file.
jar xvf idpPortal.war WEB-INF/portal.props
- With a text editor, edit the WEB-INF/portal.props file:
- Review the entries for the SAE locator, and change them as needed to accommodate your SDX configuration.
See Locator Properties.
- Configure properties in the network information collector (NIC) proxy configuration section of the file.
For information about the values to configure for NIC properties, see SDX Network Guide: SAE, Juniper Networks Routers, and NIC, Chapter 7, Configuring Applications to Communicate with an SAE.
- Replace the WEB-INF/portal.props file and any other updated files in the idpPortal.war file.
jar uvf idpPortal.war WEB-INF/portal.props
Basic Portal Properties
In the WEB-INF/portal.props file, you can modify the following properties. These properties specify how the portal uses records received from IDP.
Attack.Record.number
- Maximum number of incident records to be stored for use by the IDP captive portal.
- Value—Integer in the range 1-2147483648
- Default—100
Attack.Record.removeStep
- Number of records to be deleted when the number of records stored reaches the limit specified by the Attack.Record.number property. The records are sequentially removed, starting with the oldest record, then the next oldest, and so forth.
- Value—<number>
- Guidelines—This number must be less than the value configured for Attack.Record.number.
- Default—10
DateTime.Format
- Format in which to display the date and time of an incident.
- Value—yyyy/MM/dd hh:mm:ss, where yyyy represents the year, MM the month, dd the day, hh the hour, mm the minute, and ss the second
- Guidelines—For more information about this property, including its value, see http://java.sun.com/j2se/1.4.2/docs/api/java/text/SimpleDateFormat.html
- Default—No value
<incident-name>
- Name of a parameter that indicates the type of security incident encountered, and provides a description of the parameter.
- Value—<parameter>=<description>
- Guidelines—Enter the parameter and description in the section "Attack Name and the corresponding description."
For information about security parameters, see the IDP documentation at http://www.juniper.net/techpubs/software/management/idp/
- Example—ICMP.EXPLOIT.FLOOD = Network traffic that is flooded by ICMP Echo Request Packet
- Example—TROJAN.AUTOPROXY.INFECTED-HOST = AutoProxy trojan attempts to contact a master server and register the IP address and open ports of the infected host
Attack.Captive.service
- Name of the service for the IDP captive portal. The IDP management server activates this service for subscribers who receive or send malicious traffic. If you use a "remind me later" control on the Web page and the subscriber selects this control, the portal deactivates this service and schedules service activation for a later time. If you use a "don't show this page again" control and the subscriber selects this control, the portal deactivates this service.
- Value—<service name>
- Default—Quarantine
Attack.showRemindLater
- Specifies whether the IDP captive portal page provides the Remind me again in field. This field lets subscribers specify a time at which the portal reminds them of the security incident.
- Value—true or false
- Default—true
Attack.showIgnore
- Specifies whether the IDP captive portal page provides the Don't show this page again field. The field lets subscribers stop display of the captive portal page for incidents that have already been detected. The portal displays another page when another incident occurs.
- Value—true or false
- Default—true
Locator Properties
In the WEB-INF/portal.props file, you can modify the following properties. Change these properties to conform to your configuration.
Factory.locator
- net.juniper.smgt.ssp.LocalFeatureLocator—Uses the locally configured object reference
- net.juniper.smgt.ssp.DistributedFeatureLocator—Uses NIC configuration
- Guidelines—If you specify net.juniper.smgt.ssp.LocalFeatureLocator, configure a value for LocalFeatureLocator.objectRef.
LocalFeatureLocator.objectRef
- Absolute path to the interoperable object reference (IOR) file in the form file://<absolutePath>
- Corbaloc URL in the format corbaloc::<host>:<port>/SAE
- <host>—IP address or host on which the SAE is installed.
- <port>—Port used by the SAE on the specified host. The default is 8801.
- Example (absolute path)—file:///opt/UMC/sae/var/run/sae.ior
- Example (corbaloc URL)—corbaloc::10.10.6.171:8801/SAE
- Example (actual IOR)—IOR:000000000000002438444C3A736D67742E6A756E697...
DistributedFeatureLocator.locName
- Namespace for the NIC proxy configuration.
- Value—<namespace>
- Default—/, which indicates the root namespace
- Example—DistributedFeatureLocator.locName = /nicProxy indicates that the NIC proxy configuration is in /nicProxy.
Config.java.naming.provider.url
- Location of the LDAP server.
- Value—ldap://<IP address>:<port number>
- Default—No value
- Example—ldap://127.0.0.1:389
Config.net.juniper.smgt.des.backup_provider_urls
- Location of a backup LDAP server.
- Value—ldap://<IP address>:<port number>, with more than one URL separated by commas
- Default—No value
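As an added example (not code from the SDX distribution), the checks below apply the rules stated in the Basic Portal Properties and Locator Properties sections to a portal.props file before it is repacked into the WAR; the sample file and the parse_props/check_portal_props names are constructed for this illustration.

```python
import re
# Rules transcribed from the Basic Portal Properties and Locator Properties
# sections above; the defaults used here are the documented ones (100, 10, true).
OBJ_REF = re.compile(r"^(file:///\S+|corbaloc::[^:/\s]+:\d+/SAE|IOR:[0-9A-Fa-f]+)$")
LDAP_URL = re.compile(r"^ldap://[^:/\s]+:\d+$")
LOCAL = "net.juniper.smgt.ssp.LocalFeatureLocator"
DISTRIBUTED = "net.juniper.smgt.ssp.DistributedFeatureLocator"
SAMPLE = """# constructed sample portal.props; removeStep and objectRef are deliberately wrong
ICMP.EXPLOIT.FLOOD = Network traffic that is flooded by ICMP Echo Request Packet
Attack.Record.number = 100
Attack.Record.removeStep = 150
Factory.locator = net.juniper.smgt.ssp.LocalFeatureLocator
"""

def parse_props(text):
    """Minimal java.util.Properties reader: 'key=value' or 'key: value', '#'/'!' comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#!":
            m = re.match(r"([^=:\s]*)\s*[=:]?\s*(.*)$", line)
            props[m.group(1)] = m.group(2).strip()
    return props

def check_portal_props(props):
    """Return the rule violations found; an empty list means the file is consistent."""
    errors = []
    try:
        number = int(props.get("Attack.Record.number", "100"))
        step = int(props.get("Attack.Record.removeStep", "10"))
    except ValueError:
        return ["Attack.Record.number and Attack.Record.removeStep must be integers"]
    if not 1 <= number <= 2147483648:   # documented range for Attack.Record.number
        errors.append("Attack.Record.number out of range")
    if not step < number:               # documented guideline for removeStep
        errors.append("Attack.Record.removeStep must be less than Attack.Record.number")
    for key in ("Attack.showRemindLater", "Attack.showIgnore"):
        if props.get(key, "true") not in ("true", "false"):
            errors.append(f"{key} must be true or false")
    locator = props.get("Factory.locator", "")
    if locator == LOCAL and not OBJ_REF.match(props.get("LocalFeatureLocator.objectRef", "")):
        errors.append("LocalFeatureLocator.objectRef must be a file:/// path, corbaloc URL or IOR")
    elif locator not in (LOCAL, DISTRIBUTED):
        errors.append("Factory.locator must be LocalFeatureLocator or DistributedFeatureLocator")
    for key in ("Config.java.naming.provider.url", "Config.net.juniper.smgt.des.backup_provider_urls"):
        for url in filter(None, props.get(key, "").split(",")):
            if not LDAP_URL.match(url.strip()):
                errors.append(f"{key}: {url.strip()!r} is not ldap://<IP address>:<port number>")
    return errors
```

Run it against the extracted WEB-INF/portal.props before the jar uvf step; an empty list means none of the documented constraints is violated.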
Deploying the Updated WAR File
To deploy the updated WAR file for the application:
If you are using JBoss, copy the file to the /opt/UMC/jboss/server/default/deploy directory. JBoss automatically starts the Web application when a new WAR file is copied into the deploy directory.
Accessing the IDP Captive Portal
Access the portal to ensure that you can view the page and to review the page setup. To access the IDP captive portal:
http(s)://<host>:<port>/idpPortal
Configuring the Redirect Server to Redirect Traffic to the IDP Captive Portal
To configure the SDX redirect server to redirect Web requests to the IDP captive portal:
- Follow the instructions for configuring the redirect server in SDX Subscribers and Subscriptions Guide, Chapter 9, Overview of the Residential Portal.
- In the /opt/UMC/redir/etc/redir.properties file, specify the URL of the IDP captive portal for the redir.url property. This entry has the form
redir.url=http(s)://<host>:<port>/idpPortal/PortalDisplay.jsp