/
Tutorial - Create Authentication Server for UDMG Web Transfer Client

Tutorial - Create Authentication Server for UDMG Web Transfer Client

Owned by Stonebranch (Deactivated)
Last updated: Dec 12, 2024 by Olivier Michaut

In this tutorial, you will:

  • Create the authentication server on the UDMG Server instance for the UDMG Web Transfer Client.

  • Manually launch this server.

  • View server details.

  • Add a user and set up the allowed directories.

  • Configure the UDMG Web Transfer Client to connect to this server. 

Step 1

From the UDMG Admin UI navigation pane, select Local Servers. The Servers list displays.

Step 2

Click the Plus icon () in the Local Server Details.

  • In the Server Name field, enter local_auth_test_server

  • In the Protocol field, select LOCAL-AUTH

  • In the IP Address field, enter 0.0.0.0

  • In the Port field, enter 8888

  • In the Root Directory field, enter /home/udmg

  • In the Receive Directory field, enter in

  • In the Send Directory field, enter out

  • In the Temp Directory field, enter in

  • In the Member of Business Service field, select Generic

Note

  • The Root Directory and its subfolders, must be accessible and writable by the operating system user that is running the UDMG Server and the UDMG Web Transfer Client (usually 'udmg').
  • The Root Directory must be the same as the workdir parameter in the UDMG Web Transfer Client configuration file
    [settings]
## Working directory
workdir = "/home/udmg"
  • The changes to the Local Server details are only applied after performing a Restart (with the  button).

Step 3

Under the Configuration section.

Input a value for the authentication key between the UDMG Web Transfer Client and the UDMG local-auth server or press the generate new Auth Key button.

Keep the value, it will be needed for the UDMG Web Transfer Client configuration.

Step 4

Several features can be enabled or disabled for the server.

  • To enable the UDMG Web Transfer users to delete or rename files on the virtual folders, toggle the Allow Remove File and Allow Rename File accordingly. 
  • To enable the sharing of files with the creation of ad-hoc share links, 
    • toggle the Allow File Sharing option.
    • fill in the External URL to indicate the name and port where an external user will reach the Web Transfer Server to download the shared files. This value will be the prefix for the ad-hoc share links.
      For instance: https://web.company.com:5050
      Note: This parameter is mandatory when Allow File Sharing is enabled. The actual URL scheme, domain and port depends your actual proxy and load balancer configuration. Especially the port is the the port of the Web Transfer Client UI, not the internal port number that is set for the LOCAL-AUTH protocol (it will be the one that is defined in the UDMG Web Transfer Client configuration file, see the step 15 below, or any port that is setup in your network topology).


Step 5

Click Save icon ().

Step 6

If the shared account (WebUser) exists, click the Accounts tab in the Local Server Details.

Click the Pencil icon () to add an account.

  • Use the arrows to add the WebUser account. 
  • Click the Save changes button.


Step 7

If the shared account (WebUser) does not exist, click the Shared Accounts Service from the UDMG Admin UI navigation pane. 

Click the Plus icon () in the Shared Accounts Details.

  • In the Username, enter WebUser.

  • In the Login Name, enter WebUser.
  • In the Password field, enter WebUserPass.
  • In the Member of Business Services, select the relevant Member of Business Service (i.e., Generic).

Click Save icon ().

Step 8

If the shared account (WebUser) was just created, navigate back to the Local Servers Service via the UDMG Admin UI Navigation pane. 

Click on the local_auth_test_server record from the list

Step 9

From the Local Server Details, start the server by clicking on the Start (play) icon ().

Step 10

From the Local Servers list, view the status of the server. 


Or click on the UDMG Server Status button in the bottom left of the UDMG Admin UI navigation pane to show the list of running services.

The new server local_auth_test_server is listed and should appear green.

Step 11

From the UDMG Admin UI navigation pane, select Rules Service. The Rules list displays.

Step 12

Click the Plus icon () in the Rules Details. The Rule Details displays.

  • In the Rule Name field, enter WebUser_receive.

  • In the Direction field, select Receive.

  • In the Description field, enter any value, for example "Receive files under 'WebUser' folder".

  • In the Virtual Path Directory field, enter in.

  • In the Local Directory field, enter WebUser.

  • In the Remote Directory field, leave it empty.

  • In the Temp Directory field, enter WebUser.

  • Select a business service from the list: Generic

Click the Save icon () to create the rule.

Note

Due to a system limitation with the UDMG Web Transfer Client, setting the same path value for both the Local and Temp directories is mandatory.

This constraint will be removed in future releases.

Step 13

From the UDMG Admin UI navigation pane, select Shared Accounts Service. The Shared Accounts list displays.


In the Share Accounts Details, select the Local Servers tab. 

Step 14

Click the Pencil icon () to add the server.

  • Use the arrows to add the local_auth_test_server. 
  • Click the Save changes button.

Step 15

The local-auth server is ready to accept requests from the UDMG Web Transfer Client.

To set up the UDMG Web Transfer Client connection to this local server, see the [secrets] section in the configuration file on the Linux Installation Guide or the Windows Installation Guide.

Note

The local-auth server port is only for the internal connection between the UDMG Web Transfer Client module and the UDMG Server.
It must be configured in the [secrets] section of the UDMG Web Transfer Client configuration file.

The port for the UDMG Web Transfer Client itself is configured with the port parameter in the [settings] of the same file.

[settings]
####################################
# The settings section configures the
# Web Transfer Client UI
####################################
## Network interface, default "0.0.0.0"
inet = "0.0.0.0"
## Port, default "5050"
port = "5050"
## Working directory
workdir = "/home/udmg"

...
[secrets]
#############################################
# The secrets section configures the connection towards udmg-server
# and the Web Transfer Client Authentication Server (local-auth)
# There are no default, the local-auth server must be defined and started in the UDMG Server
#############################################
## URL of the Web Client Authentication server API, local-auth server
endpoint = "http://0.0.0.0:8888"
## API Key to authenticate to the Web Client Authentication server
apikey = "40Db93EaRBUUBL3bF9bEDcJ7PHH0RQ96SM4113KB"

Related content