Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

SafeNet Java Authentication SDK

Configuring SafeNet Java Authentication SDK

search

Please Note:

printsuggest an edit

Configuring SafeNet Java Authentication SDK

Note

Always work in Run as administrator mode when installing, configuring, or uninstalling the SafeNet Java Authentication SDK.

copy link to clipboardPush Authentication

The SafeNet Java Authentication SDK supports Push OTP when working with MobilePASS+.

Note

Push Authentication is supported with the SAS PCE version 3.16 (and above).

copy link to clipboardConfiguring SafeNet Java Authentication SDK – Windows

To configure SafeNet Java Authentication SDK in Windows, use the Java API Manager.

copy link to clipboardOpening Java API Manager

To open the Java API Manager, perform the following steps:

  1. Navigate to the following path:

    Program Files\Thales\JavaSDK

  2. Execute the JavaAPIManager.exe file.

    Note

    The JavaAPIManager.exe file uses the following files for configuration:

    \Program Files\Thales\JavaSDK\JavaAPIManager.exe

    \Program Files\Thales\JavaSDK\Nini.dll

copy link to clipboardConfiguring Policy Settings

To configure policy settings, perform the following steps:

  1. Select the Policy tab.

    alt_text

  2. To send the remote client IP address to the SafeNet server select Send Remote Client IP Address to SAS Server checkbox. Clear the checkbox to use the agent’s IP address.

copy link to clipboardConfiguring Communications Settings

To configure Communications settings, perform the following steps:

  1. Select the Communications tab.

    alt_text

  2. To connect primary and failover server(s), enter the following fields:

    • Primary Server (IP:Port) - (Select Use SSL, if required)
    • Failover Server (optional) - (Select Use SSL, if required)

  3. To specify the maximum timeout value for authentication requests sent to the SafeNet server, enter the value (in seconds) in the Communication Timeout field.

  4. Enter the location of the SafeNet server key file in the Agent Encryption Key File field. Browse to the Agent.bsidkey file located at the following path:

    Program Files\Thales\JavaSDK\bsidkey\Agent.bsidkey

  5. To verify authentication, perform the following steps:

    a. Enter the following fields:

    - User Name
- OTP

    b. Click Authenticate. A message is displayed indicating if authentication succeeded or failed.

  6. To test if the SafeNet server is running or not, click Check in Check Status section.

copy link to clipboardConfiguring Logging Settings

To configure log settings, perform the following steps:

  1. Select Logging tab.

    alt_text

  2. Drag the pointer on the Logging level adjustment scale to adjust the logging level:

    • 1: Critical (Only critical)
    • 2: Error (Critical and errors)
    • 3: Warning (Critical, errors, and warnings)
    • 4: Info (Critical, errors, warnings, and information messages)
    • 5: Debug (All available information)

The Java Authentication SDK will log messages to the file path defined in the JCryptoWrapper.ini configuration file.

  1. Log File Location field lets you specify the location where the log files will be saved. The default log file location is: Program Files/Thales/JavaSDK/log.

    If you change the default file location, ensure that the folder is accessible to all the required users.

copy link to clipboardViewing Localization Settings

To view the localization settings, perform the following steps:

  1. Select the Localization tab.

    alt_text

    Note

    The localized text cannot be edited on the Localization tab interface. It must be edited in the INI file.

copy link to clipboardConfiguring INI

To configure the server details in the INI file, perform the following steps:

  1. Edit JCryptoWrapperWin.ini (available at C:/Program Files/Thales/JavaSDK/log/JCryptoWrapperWin.ini) with the following server details:

    Configuration Description Default Value
    SWITCH_OVER_COUNT If present, this attempts to switch over to the primary server after a configured number of calls to the secondary server.
    Valid range: 10 to 99    		 10
    CallTimeout Time within which the connection between the client and the server must be established. It corresponds to the Communication Timeout setting in the Management Console.
    Valid range: 10 to 99 seconds    		 10 seconds
    RequestTimeout Time within which a response must be returned before the server terminates the connection.
    Valid range: 10 to 120 seconds    		 60 seconds

  2. To add IP address to the SAS Auth Nodes tab, perform the following steps:

    a. On the management console, select Comms > Auth Nodes and select the Auth Nodes link.

    alt_text

    b. Click the Add button and enter the information on the Auth Nodes tab.

    alt_text

  3. Click Save.

copy link to clipboardConfiguring SafeNet Java Authentication SDK - Linux

To configure SafeNet Java Authentication SDK in Linux, perform the following steps:

  1. Edit JCryptoWrapper.ini (available at /usr/local/Thales/javasdk/ini) with the following server details:

    Configuration Description Default Value
    PrimaryProtocol Select http / https.
    PrimaryServer Enter the primary SafeNet server host.
    PrimaryServerPort Enter the port number (for example, 80/443).
    SWITCH_OVER_COUNT If present, this attempts to switch over to the primary server after a configured number of calls to the secondary server.
    Valid range: 10 to 99    		 10
    CallTimeout Time within which the connection between the client and the server must be established. It corresponds to the Communication Timeout setting in the Management Console.
    Valid range: 10 to 99 seconds    		 10 seconds
    RequestTimeout Time within which a response must be returned before the server terminates the connection.
    Valid range: 10 to 120 seconds    		 60 seconds

  2. To add IP address to the SAS Auth Nodes tab, perform the following steps:

    a. On the management console, select Comms > Auth Nodes and select the Auth Nodes link.

    alt_text

    b. Click the Add button and enter the information on the Auth Nodes tab.

    alt_text

  3. Click Save.

On this page