Installation
To install the LinOTP service, follow the steps below.
Install docker
The Docker service is required to run the LinOTP service.
sudo apt-get install docker.io
Install portainer
Portainer is an optional UI to manage the Docker service easily.
- More information: https://www.portainer.io/
- Installation: https://www.portainer.io/installation/
Install mariadb
The LinOTP service only works with MariaDB. You can use the mariadb container or an existing MariaDB database in your environment.
- Docker Hub: https://hub.docker.com/_/mariadb
Configure the external service
Create linotp database
It is required to create the linotp database.
// Enter the mariadb container shell
mysql -u root -p
create database linotp;
use linotp;
Create table usertable
After the installation of MariaDB and the creation of the database, it is required to create this table to allow Soffid to manage users.
CREATE TABLE `usertable` (
  `id` varchar(50) DEFAULT NULL,
  `user` varchar(50) DEFAULT NULL,
  `telephoneNumber` varchar(50) DEFAULT NULL,
  `mobile` varchar(50) DEFAULT NULL,
  `mail` varchar(50) DEFAULT NULL,
  `sn` varchar(50) DEFAULT NULL,
  `givenName` varchar(50) DEFAULT NULL,
  `password` varchar(60) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Create LinOTP container
Create the soffid/linotp container: https://hub.docker.com/r/soffid/linotp
- Publish port 443 of the container on port 1443
To access the LinOTP web console: https://localhost:1443/manage
- The user is admin and the password is the one configured previously as the environment attribute ADMIN_PASSWORD
Create SQL Resolver
In the LinOTP web console go to: Configuration LinOTP > UserIdResolvers > New (button) > SQL (type)
Now use the attributes below:
This is the attribute mapping:
{"userid":"id","username":"user","phone":"telephoneNumber","mobile":"mobile","email":"mail","surname":"sn","givenname":"givenName","password":"password" }
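The resolver connects to MariaDB with its own credentials, and the steps above only use root. The following is an added example, not part of the original Soffid documentation: it creates dedicated accounts scoped to usertable, assuming the SQL resolver only needs to read the mapped columns. The account names, the '%' host pattern, the password placeholders and the existence of a separate provisioning account are all assumptions.

```sql
-- Added example: dedicated accounts instead of root.
-- Account names, host pattern and passwords are assumptions; replace them.
-- Run as root in the mariadb shell, after creating the linotp database and usertable.

-- Read-only account for the LinOTP SQL resolver, limited to the mapped columns.
-- Replace '%' with the host or Docker network the LinOTP container connects from.
CREATE USER IF NOT EXISTS 'linotp_resolver'@'%' IDENTIFIED BY 'CHANGE_ME_RESOLVER';
GRANT SELECT (`id`, `user`, `telephoneNumber`, `mobile`, `mail`, `sn`, `givenName`, `password`)
  ON `linotp`.`usertable` TO 'linotp_resolver'@'%';

-- Separate account for whatever process writes user rows (assumed to exist).
-- It can change rows in usertable but cannot alter the schema or touch other tables.
CREATE USER IF NOT EXISTS 'linotp_provision'@'%' IDENTIFIED BY 'CHANGE_ME_PROVISION';
GRANT SELECT, INSERT, UPDATE, DELETE
  ON `linotp`.`usertable` TO 'linotp_provision'@'%';

-- Confirm that each account holds only the privileges granted above.
SHOW GRANTS FOR 'linotp_resolver'@'%';
SHOW GRANTS FOR 'linotp_provision'@'%';

-- Connected as linotp_resolver, any INSERT, UPDATE or DELETE on usertable
-- is rejected by the server, so a compromised resolver configuration
-- cannot modify user rows or stored passwords.
```

Use the resolver account's credentials, rather than root, when filling in the SQL resolver's connection attributes.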
Create a Realm
Soffid configuration
Mapping to the agent to manage LinOTP users
Finally, to manage user accounts with LinOTP, create a REST agent with the following mapping against the LinOTP service.
The mapping: agent-configuration-linotp.xml
Enable the service in Soffid
After the installation and configuration of the service, you should include it in the Soffid configuration.
Follow the steps in Authentication methods#EnableLinOTPintegration and then the next section, Authentication methods#SecondFactorAuthenticationconfiguration.