Contents

 


Introduction

This option allows the system administrator to prepare and configure the message channels that determine how messages are sent to the users.

DualShield supports multiple communication gateways of various channels including SMS, email, telephone and twitter direct message. 

Typically, MobileID requires SMS and Email gateways to be configured in order for messages to be sent to mobile devices.

The 'Message Gateway' tab provides details of all gateways that have been imported to the management console.

After selecting "Configuration | Gateways" from the Management Console a new Tab "Message Gateway" is opened;    



Default Message Gateways

No Message Gateways are created during the installation of DualShield, but Licenses that have been created by the systems administrator are presented in tabular form with the following heading details;


HEADINGS

 Name

The name of the message gateway.

 Description

An optional description of the message gateway for the convenience of the systems administrator.

 Enabled

This status flag indicates if the message gateway policy is enabled or disabled.

 Domain

The domain that the message gateway has been applied to..

 Type

The type of message gateway ("SMS", "EMAIL", "TWITTER", "TELEPHONE" or "HTTP").



Available Commands and Actions

The following commands and actions may be performed on selected License using the context menu commands;


Button Commands

On the first line of the "Message Gateway" tab there is a button "Create" that can be used to create a new message gateway;


This button will Create a new Message Gateway.



Context Menu Commands

Each Message Gateway has a context menu icon (""), after left clicking on the icon a list of commands and actions will be shown that may be performed on the selected Message Gateway;

View the general gateway's details.
Edit the selected message gateway's details.
View gateway type-specific configuration details.
Lists all Domains that can use the selected Message Gateway.
Send a test message using the selected message gateway.
Delete the selected message gateway server.



 View

View the general gateway's details (see View a Message Gateway [MC-MG]).

 Edit

Edit the selected message gateway's details (see Edit a Message Gateway [MC-MG]).


 Configuration

View gateway type-specific configuration details (see the Message Gateway Configuration section below).

 Domains

Lists all Domains that can use the selected Message Gateway (see the Binding Domains section below).

 Test

Send a test message using the selected message gateway (see the Testing Message Gateways section below).


 Delete

Delete the selected message gateway server (see Delete a Message Gateway [MC-MG]).



Creating Message Gateways

New Message Gateways can can be created using the "Create" button;

A new window will now open titled "Message Gateway – New";

At the prompt "Type", you will need to select which type of message gateway is to be created from the following list;

  •  SMS Gateway - Messages will be sent via SMS message to the user's mobile phone.

    In order to create an SMS Gateway using the management console, navigate to "Configuration | Gateways", click on the "Create" button, then at the prompt "Type:" select "SMS";

    SMS Gateway options

    If you are planning to deploy tokens or send notification messages to your users via SMS text, then you need a SMS gateway. You can set up your own SMS gateway with a GSM modem or you might want to subscribe to a web-based SMS gateway service such as Clickatell, Twilio and Email to SMS;

    •  Clickatell

      Unable to render {include} The included page could not be found.

       

    •  Twilio

      First, you need to login to the Twilio account and copy out the following account details: ACCOUNT SID, AUTH TOKEN and Phone Numbers.

      Once you have the ACCOUNT SID, AUTH TOKEN and Phone numbers ready, login to DualShield Management Console, navigate to "Configuration | Gateways", click "Create" and select "SMS" in the "Type" field.

      Click "Edit", and select "Twilio" provider. Paste your Twilio "ACCOUNT SID, PRIMARY AUTH TOKEN and PHONE NUMBERS" in the fields accordingly. 

      Enter a description text in the "Name" field, then select the domains in the drop down list, e.g. Management Console, edit "Dial Prefix" accordingly. Finally click "Save" to close the dialog box. 

      Now, you can use Twilio SMS gateway to push out messages. 

      If your Twilio account is in the trial mode, then you must add your users' mobile phone numbers. Login to your Twilio account, navigate to "VERIFIED CALLER IDS", click "Verify a number" to add a number. 

       

    •  Email to SMS

      Email to SMS service enables you to use your current email programme (MS Outlook, Gmail, etc) to send and receive SMS messages. It is a powerful tool for office communication.

       

      Emails sent to, for example, 447797803200@bulksms.net are forwarded via the BulkSMS system as an SMS text message to the mobile number 447797803200.

      AQL is a typical EMAIL-to-SMS provider which you can use it in DualShield.

      If you check its configuration file aql.xml,

       

      <smtp> <email>${to}@text.aql.com</email> <format>text</format> <from>${from}</from> <subject>${subject}</subject> <body><![CDATA[${body}]]></body> </smtp>

      It only has the recipient setting ${to}@text.aql.com .

      Do you ever wonder which smtp server Dualshield uses to send the OTP(or other information) out to ? or by magic?

      In this case, you have to configure a SMTP gateway before setting up AQL-like SMS gateway. At least it is correct by the time this article is published (25/04/2013).

      In addition, one of our customers reported a problem "Message gateway is not available, please try again later" when using such a gateway. We checked the log, and found another message "501 5.1.7 Invalid address". it turned out their SMTP server refused to send out a message which has a non-legitimate sender address.

       

    Compatible GSM Modems and Phones

    We use SMSLIB to send SMS message. Technically any GSM brand listed in its compatibility page is supported. For your convenience, here is the list
    • Billionton: PCMCIA PCGPRSQ-B.
    • EagleTec: GSM modems.
    • Fargo Maestro 20.
    • ITengo: 3000, WM1080A.
    • Janus: GSM864Q.
    • Nokia: 6070, 6100, 6210, 6310, 6310i, 6230, 6230i, 6681, 8250, 8310, 6610, 6800, 7210, 6810, 7250i, 6103, 6020, 3220, 6822, 5140, 5140i, 30 (terminal).
    • Multitech: Multimodem GPRS (SMSLib for Java can also drive the Multitech Multimodem via its IP port).
    • Sharp: GX30, GX32.
    • Siemens: MC35i, M35, M50, M65, C45, TC35i, C65, M55, TC65t.
    • SIMCOM Ltd: SIMCOM_SIM100S.
    • Sony Ericsson: K300i, SE K800i, K700i, K750i, SE W850i, W880i, GC89, Z550a, W800, W580i, W810, i320, GT48, K790i, F305, K770, K618i.
    • Ubinetics: GDC201.
    • Wavecom: M1206B, M1306B, WMOD2 Wismo, Fastrack Supreme 10, Fastrack Supreme 20, WISMOQCDMA CDMA.
    • Huawei: E220 (may require the forced setting of SMSC address), E230.
    • Motorola: V3.
    • Teltonika: ModemUSB.
    • Motorola: V3, L6.
    • Samsung: D520, E1410 Guru, GT-I9000.
    • Samba: 55-SET GSM/GPRS USB modem.
    • Rogers: ZTE 636 USB 'rocket' modem.
    • Falcom: USA Samba 75 GSM/GPRS/EDGE (Model MC75).
    • BandLuxe: HSDPA c-120.
    • SIM548C GSM module.
    • Karbonn: K551.
    • D-Link: DWM-152.

    Our customers reported the following three are supported.

    • ZTE MF100
    • XS Stick P14
    • Cinterion MC55i

    Add an additional SMS provider

    Since version 3.4x, the Deepnet Authentication server has provided support for multiple SMS providers offering flixible customisation options together with the provision to support additional SMS providers (as an example, you might want to add a local SMS provider in order to reduce service charges).  Whilst customisation requirements can vary between SMS providers, there are usually several aspects that they share in common, and adding new providers can often be as simple as adapting an existing SMS template from a similar provider.

    In the following example, we will demonstrate one approach that may be used, but given the variety of solutions that may be required, it should be pointed out that configuring some providers may involve a lot more work and investigation, however we are on hand to assist if configuring the provider proves more challenging than expected.

    The first step in setting up an SMS provider is usually to create an account with the provider, then obtain their SMS API documentation (please also ensure that you identify what protocol they are using, HTTP, SMTP, or SMPP etc.).

    The next step would normally be to examine the built-in SMS provider templates that were installed into the folder "$INSTALL_PATH/Tomcat/conf/dgs" ("$INSTALL_PATH/smsproviders" if you are using DualShield);


    If you find a good match with the provided templates then configuring the new provider should be relatively straightforward.

    As an example, let us assume that you are going to use "txtmail.co.nz" as your SMS provider in DualShield.  This company provides SMTP protocol, so we copy the built-in provider "gin.xml" which uses SMTP as well, and save the new file as "txtmail.xml", open the file "txtmail.xml" and change the provider name etc. Once this is done, the file content should look like as the following;


    <?xml version="1.0" encoding="UTF-8"?>
    <provider name="txtmail">
    <sms>
    <smtp>
    <email>${to}@txtmail.co.nz</email>
    <format>text</format>
    <from>${from}</from>
    <subject>${subject}</subject>
    <body><![CDATA[${text}]]></body>
    </smtp>
    </sms>
    </provider>

    Finally, add an entry in the file "sms_providers.xml", 

    <provider name="TXTMail" file="txtmail.xml" /> 


    Access the management console of DualShield, you should see the newly added provider in SMS Gateway Settings. You may need to restart DualShield service for it to take effect.


    The following example, "mollie.nl", will send SMS via HTTP.


    Accrding to its API document, the syntax of sending the request is, 

    http://www.mollie.nl/xml/sms/?username=[username] &password=[password]&originator=[originator]&recipients=[recipient(s)]&message=[message] 


    And the response is something like 

    <?xml version="1.0" ?>
    <response>
    <item type="sms">
    <recipients>1</recipients>
    <success>true</success>
    <resultcode>10</resultcode>
    <resultmessage>Message successfully sent.</resultmessage>
    </item>
    </response>

    As it is a HTTP protocol, you can refer to the built-in template ClickAtell. The response is XML format, so you can use xmlPath to extract the result, otherwise, you may need a regular expression which is complicated. However you can find the regular expression example in the built-in templates. The final mollie template would be


    <provider name="Mollie">
    <sms>
    <http>
    <method>GET</method>
    <url>http://www.mollie.nl/xml/sms/</url>
    <query>username=${userName}&password=${password}&originator=${from}&recipients=${to}&message=${body}</query>
    <variables>
    <variable name="flash"/>
    <variable name="dlr_url"/>
    </variables>
    <mappings>
    <mapping name="replace_sms" type="boolean">
    <true>1</true>
    <false>0</false>
    </mapping>
    </mappings>
    <response type="http_body" regexp="true" format="xml">
    <pattern success="true" xmlPath="//response/item/success">true</pattern>
    </response>
    </http>
    <smtp>
    <email>${to}@mobiel.mollie.nl</email>
    <format>text</format>
    <from>${from}</from>
    <subject>username=${userName}&password=${password}&sender=${subject}</subject>
    <body><![CDATA[${text}]]></body>
    </smtp>
    </sms>
    </provider>

    mollie.nl also supports SMTP. It is quite interesting to see how it does the authentication - credentials in Subject!



  •  Email Gateway - Messages will be sent in the form of an email.

    An Email gateway can be added to a selected domain by using the following procedure;


    1.  Navigate to Configuration | Gateways

      1. From the Home page of the Management Console, left click on the menu item "Configuration", then select "Gateways".


         
      2. A new tab "Message Gateway" will now open.


         

    2. Click on the "Create" button (found on the toolbar of the 'Message Gateways' tab);

       
    3. A new window will now open titled "Message Gateway – New";


      At the prompt "Type:", select "EMAIL", and the window will be updated as follows;

         

       

       Type

      For email gateways select "EMAIL".

       Name

      Enter a suitable name for your email gateway (e.g. Dualshield Email Gateway”).

       Description

      Provide a brief description of email provider (e.g. "Company Email Server").

       Configuration

      The Edit button () allows you to provide additional configuration details for the Email Gateway (for instructions see the next step below).

       Domains

      Select the Domains from which the user details can be obtained (e.g. "deepnetsupport.com").

       Enabled

      Select if the message gateway is enabled (or not).



    4. After you have completed entering the gateway details you will be ready to configure the gateway.

      Click on the Edit button () , and a new window titled "SMTP Gateway" will open;

         

       

       SMTP Server Address

      Enter the address of your SMTP Server (in this example our mail server is at “mail.deepnetsecurity.com”),

       SMTP Server Port

      Unless your provider requires a different setting, leave the setting unchanged with the default value of 25,

       Transport Layer Security (TLS)

      Enter a TLS setting that matches the requirements of your SMTP mail server

       Secure Socket Layer (SSL)

      Enter a SSL setting that matches the requirements of your SMTP mail server

       User Name

      If your mail server requires a user name, then enter it here.

       Password

      If your mail server requires a password, then enter it here.



       
    5. You will now return to the window titled "Message Gateway – New", supply any description you may required then click "Save" to create the email gateway. 


    Once the email gateway has been configured it can be tested by using the context menu option "Test";

    A new window will open that can be used to send a message through the newly created email gateway;



  •  Twitter Gateway - Messages will be sent as Twitter Messages to the User.

    DualShield also supports sending one-time passwords and other types of messages via twitter direct message. A Twitter direct message is a peer to peer personal message that is private between the sender and receiver. You will need to register a Twitter account for your organisation and register the account details in your DualShield server.  This is the Twitter direct message which is one to one and private, not the broadcast message.

    A Twitter Gateway can be added to selected domains by using the following procedure;


    1.  From the Management Console, Navigate to "Configuration | Gateways"

      1. From the Home page of the Management Console, left click on the menu item "Configuration", then select "Gateways".


         
      2. A new tab "Message Gateway" will now open.


         

    2. Click on the "Create" button (found on the toolbar of the 'Message Gateway' tab);
       


       

    3. A new window will now open titled "Message Gateway – New", At the prompt "Type:" select "TWITTER";

         

       

       Type

      For email gateways select "EMAIL".

       Name

      Enter the name of your twitter gateway (e.g. “Twitter Gateway”).

       Description

      Provide a brief description of the telephone gateway.

       Configuration

      Click on the "Edit..." button () to configure the gateway (for instructions see the next step below).

       Domains

      Select the Domains that the user details can be obtained from (e.g. "deepnetsupport.com").

       Enabled

      Select if the gateway is enabled (or not).


        
    4. In order for the Twitter service to send OTP in DualShield, you need to configure the Twitter Gateway:

      Click on the Edit button () , and a new window titled "Twitter Gateway" will open;

         

       

       Type
      Twitter Server URL

      Enter the New Twitter URL address that is now; "https://api.twitter.com/1.1/direct_messages/new.json"

       API Key

      Enter Twitter OAuth setting "Consumer Key".

       API Secret

      Enter Twitter OAuth setting "Consumer Secret".

       Access Token

      Enter Twitter OAuth setting "Access Token".

       Access Token Secret

      Enter Twitter OAuth setting "Access Token Secret".

       

      Now, you need to provide the following information: "Consumer Key", "Consumer Secret", "Access Token", and "Access Token Secret" which can be obtaining using the following procedure


       Obtaining the required variables from your Twitter account.

      The following procedure will obtain the values "Consumer Key", "Consumer Secret",  "Access Token" and "Access Token Secret" that are required when configuring the Twitter Gateway;


      1. Visit "https://dev.twitter.com/apps/new" (logging in if necessary).



      2. Follow the instruction to create an application, then after creation, you can see its details.
         


      3. By default, the access level is "Read-only" (you can get the Consumer Key and its secret in the section "OAuth settings") 



        Make a note of the values "Consumer Key" and "Consumer Secret" (boxed above).


         
      4. Before creating the access token, we need to change the access level. This is VERY important!



         
      5. Click the tab "Settings", change the access type to "Read and Write", then press the button "Update this Twitter application settings" at the bottom.



         
      6. Now, go back to the "Details" tab, check the status of the access level. If it has been changed to "Read and write", then you can press the button "Create my access token" You should now see the access token and its secret.

        Make a note of the values "Access Token" and "Access Token Secret" (boxed above).




      7. Finally, enter those details in DualShiled and Save.

       

      Reference

      Creating a Twitter OAuth application: http://net.tutsplus.com/tutorials/php/creating-atwitter-oauth-application



    Please Note: Users who wish to receive Twitter messages sent from DualShield must have their own personal Twitter accounts, and must follow the Twitter account that you have registered for your organisation.


    Related Articles

    •  Using Twitter to send an OTP

      The following procedure will obtain the values "Consumer Key", "Consumer Secret",  "Access Token" and "Access Token Secret" that are required when configuring the Twitter Gateway;


      1. Visit "https://dev.twitter.com/apps/new" (logging in if necessary).



      2. Follow the instruction to create an application, then after creation, you can see its details.
         


      3. By default, the access level is "Read-only" (you can get the Consumer Key and its secret in the section "OAuth settings") 



        Make a note of the values "Consumer Key" and "Consumer Secret" (boxed above).


         
      4. Before creating the access token, we need to change the access level. This is VERY important!



         
      5. Click the tab "Settings", change the access type to "Read and Write", then press the button "Update this Twitter application settings" at the bottom.



         
      6. Now, go back to the "Details" tab, check the status of the access level. If it has been changed to "Read and write", then you can press the button "Create my access token" You should now see the access token and its secret.

        Make a note of the values "Access Token" and "Access Token Secret" (boxed above).




      7. Finally, enter those details in DualShiled and Save.

       

      Reference

      Creating a Twitter OAuth application: http://net.tutsplus.com/tutorials/php/creating-atwitter-oauth-application



  •  Telephone Gateway - Messages will be sent via an automated telephone service.

    DualShield supports sending one-time passwords and other types of messages via phone calls

    Currently, the only telephone service provider supported by DualShield is TeleSign. If you plan to use TeleSign service, you will need to register an account directly with TeleSign.com.

    A telephone gateway can be added to selected domains by using the following procedure;


    1.  From the Management Console, Navigate to "Configuration | Gateways"

      1. From the Home page of the Management Console, left click on the menu item "Configuration", then select "Gateways".


         
      2. A new tab "Message Gateway" will now open.


         

    2. Click on the "Create" button (found on the toolbar of the 'Message Gateway' tab);
       


       
    3. A new window will now open titled "Message Gateway – New", At the prompt "Type:" select "TELEPHONE";

      The remaining fields can be filled in as follows;

       

      Name:Enter the name of your telephone gateway (e.g. “Telesign Telephone Gateway”).
      Description:Provide a brief description of telephone gateway.
      Configuration:

      Click on the "Edit..." button () to configure the gateway (for instructions see the next step below).

      Domains:Select the Domains that the user details can be obtained from (e.g. "deepnetsupport.com").
      Enabled:.Select if the message gateway is enabled (or not).
      Dial Prefix:

      Enter an internationally adjusted dial prefix (for example "+44|0").


       How to Configure Phone Numbers in Message Gateway

      Characters to remove from phone numbers.Enter any characters that should be removed from phone numbers (e.g. "\^+-{}[]").

       

       

       

    4. After you have completed entering the gateway details you will be ready to configure the gateway.

      Click on the Edit button () , and a new window titled "Telephone Gateway" will open;

      Enter the "Customer Id" and "api_key" paramters as supplied by Telesign .
      As in the example above, at the variable/value prompts enter values at the prompts "Variable" and "Value" , then click on the green plus sign ();

       

      Provider:Leave the field at it's default value "TeleSign".
      User Name:Enter your Telesign supplied username,
      Password:Enter your Telesign supplied password.
      Confirm Password:
      Re-enter your Telesign supplied password.
      ProtocolSelect "rest".
      VariableSelect "Customer Id" and "api_key" when etering parameters.
      ValueEnter the vlaues for t "Customer Id" and "api_key" as supplied by your TeleSign.

       


       Repeat this process for both parameters then click "OK" to confirm configuration has been completed and return to the window titled "Message Gateway – New".

       

       

    5. Click "Save", and the new Telephone Gateway will be added to the list of gateways.


  •  HTTP Gateway - Messages will be sent via a HTTP Proxy Gateway.

    In order to create an SMS Gateway using the management console, navigate to "Configuration | Gateways", click on the "Create" button, then at the prompt "Type:" select "HTTP";


    If the machine where DualShield is installed needs to access the Internet via a HTTP proxy, you must set up the HTTP proxy.

    A HTML gateway can be added to a selected domain by using the following procedure;

     

    1.  Navigate to "Configuration | Gateways", then click on the "Create" button;

      1. From the Home page of the Management Console, left click on the menu item "Configuration", then select "Gateways".


         
      2. A new tab "Message Gateway" will now open.


       
    2. A new window will now open titled "Message Gateway – New", At the prompt "Type:" select "HTTP";

       

       

       Type

      Enter "HTTP" in this field as this will be an HTTP Gateway.

       Name

      Enter the name of your HTTP Gateway (e.g. Dualshield HTTP Gateway).

       Description

      Provide a brief description of the http gateway.

       Configuration

      Click on the "Edit..." button () to configure the gateway (for instructions see the next step below).

       Domains

      Select the Domains hat the user details can be obtained from (e.g. "deepnetsupport.com").

       Enabled

      Select if the gateway is enabled (or not).


       

    3. In order for the HTTP Proxy to send OTP in DualShield, you need to configure the Proxy Gateway:

      Click on the Edit button () , and a new window titled "HTTP Proxy" will open;

      at the prompts “Server Address:” and “Server Port:” enter the IP address and port details of the HTTP Gateway, 

      at the prompt “Require Authentication" select the field if the Gateway's requires authentication,

      if authentication is required, enter your user credentials at the  “User Name:” and "Password" prompts,


      When you have completed entering the required values for your proxy server click on "Save".


       
    4. You will now return to the window titled "Message Gateway – New", supply any description you may required then click "Save" to save the HTTP Gateway.




Gateway Configuration

Message gateway configuration details can be viewed by using the context menu option "Configuration" (a new window will open that shows the configuration options for the selected message gateway);

When you have completed viewing the configuration options for the selected Message Gateway click "Close" to exit.



Binding Domains

After selecting the context menu option "Message Gateway", a new window titled "Domains" will open that allows selection of Domains that are bound to the selected gateway;


Use the check-boxes in the left hand column to select which Domains will be bound to the selected message gateway, then click  "Save" to save your changes.

 


Testing Message Gateways

After selecting the context menu option "Test", a new window with no title will open that can be used to send a test message to the selected gateway;

 

 

 

 From

Enter the messaging details for the sender of the message.

 To

Enter the phone number, email address etc. of the user that will be receiving the test message.

 Subject

Enter subject heading of the test message. 

 Message Body

Enter the content of the test message. 

When you have completed entering the Message message details click "Test" to send the test message to the specified recipient.



Related Articles

  • No labels