Using your phone with a mobile OpenAM demo environment

(Another blog which is a memo-to-self)

Here’s the problem:

  • My OpenAM server is running on Tomcat on my Mac
  • My Mac (which is a client machine really) moves with me across different networks, getting different network addresses as it goes
  • My phone needs to connect to my Mac using a dns name
  • And for a bonus point, in order to demo upcoming Push Authentication:
    • the Mac needs to be connected to the Internet;
    • the phone needs to be connected to a data connection.

So I need a setup like this:

DNS Server

The key to getting this setup to work is to run a DNS server on the Mac. I used the excellent dnsmasq which by default uses the /etc/hosts file on the Mac as its source of information.

So in my /etc/hosts I have something like:
10.0.1.99 ahall.forgerock.com ahall.forgerock.dev ahall

where 10.0.1.99 is the IP address of my Mac on the wireless network.

Phone Settings

Then I configured my iPhone (which has to be on the same WiFi) to point to the Mac as a DNS server.  Go to Settings…Wifi…click on the “i” and add the Mac’s IP address (i.e. 10.0.1.99) as a DNS Server, ahead of the usual DNS Servers you may use (such as 8.8.8.8).

 

While trying to get this to work, I found that occasionally I had to stop and start dnsmasq:
# sudo launchctl stop homebrew.mxcl.dnsmasq

# sudo launchctl start homebrew.mxcl.dnsmasq
…especially after making changes to /etc/hosts.

(You may also find that Dyn Dig is a useful tool to have at hand. It is a mobile app version of the DNS resolution tool dig.)

On the Move

What this setup does require is that when your Mac moves to a different WiFi network or, in general, gets a different IP address, you will clearly need to change your /etc/hosts and Phone settings again. So it is not a perfect solution.

But it does mean I can test OpenAM from my phone:

 

 

HTH
/FB

This blog post by the Access Management product manager was first published @ thefatblokesings.blogspot.com, included here with permission.

©2018 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?