If you are able to connect to the server using some clients but not all, you can troubleshoot issues by running the token in debug mode.
- Download this file to the token directory: http://www.wikidsystems.com/webdemo/tokens/j2se/jw.properties
- Edit the file setting debug=true
- Run the token from the command line: java -jar jWiKID.jar
Here's what the file looks like:
domainSuffix=wikidsystems.net useIpBeforeDns=true debug=true
You can also find it and copy it on your computer. The domainSuffix is used to change the default DNS. The default is to use wikidsystems.net. UsIpBeforeDns tells the token to check to see if the domain is a zero-padded ip address before checking for a dns entry. Debug=true turns on debug mode.
Now, run the software token client from the command line:
$ java -jar jWiKID.jar
This is what the output from the software token should look like for adding a new domain:
devPub.length: 162 Sending 178 bytes of post data from pullConfig wComms.connectInternal(): connecting to http://333.344.445.555/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=0&S=333344445555&CT=1 Opening http://333.344.445.555/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=0&S=333344445555&CT=1 wComms.connectInternal(): connecting to http://333344445555.wikidsystems.net/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=0&S=333344445555&CT=1 Opening http://333344445555.wikidsystems.net/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=0&S=333344445555&CT=1 POST /wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=0&S=333344445555&CT=1 HTTP/1.1 Wrote 178 bytes. Reading response iteratively ... Returning data ... (296 bytes) Read 296 bytes from the server Reading 128 of ciphertext. Reading 160 of server pub key data. Recieved and Parsed Domain Configuration serverCode:333344445555 name:Token client test minPIN:4 PINLifetime:60 deviceID:-767379240169441339 registeredURL:https%3a%2f%2fwww.wikidsystems.com%2fsignup%2ftestclient.jsp pubKey:[B@c272bc
The token first tries http://333.344.445.555, which doesn't exist, so it then tries http://333344445555.wikidsystems.net, which succeeds. The token gets the domain configuration information such as the registered URL and minium PIN and the user is asked to set their PIN.
Making connection to server. wComms.connectInternal(): connecting to http://333.344.445.555/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=1&D=-767379240169441339&S=333344445555&CT=1 Opening http://333.344.445.555/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=1&D=-767379240169441339&S=333344445555&CT=1 wComms.connectInternal(): connecting to http://333344445555.wikidsystems.net/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=1&D=-767379240169441339&S=333344445555&CT=1 Opening http://333344445555.wikidsystems.net/wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=1&D=-767379240169441339&S=333344445555&CT=1 POST /wikid/servlet/com.wikidsystems.server.InitDevice4AES?a=1&D=-767379240169441339&S=333344445555&CT=1 HTTP/1.1 Wrote 128 bytes. Reading response iteratively ... Returning data ... (272 bytes) Recieved 256 bytes from server. regcode length: 19 public key length: 160 Offline key size: 160
The PIN is encrypted and sent to the server. The server responds with the registration code, which is a 19 digit number. The number is hashed by the server's public key (to prevent a MITM attack during this process) and presented to the user as an 8 digit alphanumeric.
If you see an issue during this process, think about where it is occurring? Can the token write the WiKIDToken.wkd file (which has the public/private keys and domain information) to the file system? Can the token reach the server at http://333.344.445.555 or a DNS entry such as http://333344445555.wikidsystems.net? Does the DNS resolve? Do you see an attempt to connect to the WiKID Server in the WiKIDAdmin logs?