(Another blog which is a memo-to-self)
Here’s the problem:
- My OpenAM server is running on Tomcat on my Mac
- My Mac (which is a client machine really) moves with me across different networks, getting different network addresses as it goes
- My phone needs to connect to my Mac using a DNS name
- And for a bonus point, in order to demo upcoming Push Authentication:
  - the Mac needs to be connected to the Internet;
  - the phone needs to be connected to a data connection.
The key to getting this setup to work is to run a DNS server on the Mac. I used the excellent dnsmasq, which by default uses the /etc/hosts file on the Mac as its source of information.
So in my /etc/hosts I have something like:
10.0.1.99 ahall.forgerock.com ahall.forgerock.dev ahall
where 10.0.1.99 is the IP address of my Mac on the wireless network.
Then I configured my iPhone (which has to be on the same WiFi) to point to the Mac as a DNS server. Go to Settings…WiFi…click on the “i” and add the Mac’s IP address (i.e. 10.0.1.99) as a DNS Server, ahead of the usual DNS Servers you may use (such as 220.127.116.11).
While trying to get this to work, I found that occasionally I had to stop and start dnsmasq:
# sudo launchctl stop homebrew.mxcl.dnsmasq
# sudo launchctl start homebrew.mxcl.dnsmasq
…especially after making changes to /etc/hosts.
(You may also find that Dyn Dig is a useful tool to have at hand. It is a mobile app version of the DNS resolution tool dig.)
On the Move
What this setup does require is that whenever your Mac moves to a different WiFi network or, more generally, gets a different IP address, you need to update your /etc/hosts and the phone's DNS settings again. So it is not a perfect solution.
But it does mean I can test OpenAM from my phone.
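The Mac-side half of the update described under On the Move can be scripted. The following is an added example, not code from the original post: it rewrites the /etc/hosts entry for the Mac's current address, refusing anything that is not a valid IPv4 address, and restarts dnsmasq. The interface name en0, the `IFACE` override, the script name and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Assumptions: Wi-Fi is en0,
# dnsmasq is the Homebrew service and the hostnames are those from the post.
NAMES="ahall.forgerock.com ahall.forgerock.dev ahall"

# Succeed only for a single dotted-quad IPv4 address, each octet 0..255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NR > 1 || NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || length($i) > 3 || $i + 0 > 255) exit 1 }'
}

# Print the hosts file $1 with stale entries for $NAMES dropped and one
# fresh entry for address $2 appended. Comment lines are kept as they are.
rewrite_hosts() {
    valid_ipv4 "$2" || { echo "refusing to write address: $2" >&2; return 1; }
    awk -v names="$NAMES" '
        BEGIN { n = split(names, want, " ") }
        /^[ \t]*#/ { print; next }
        {
            for (f = 2; f <= NF; f++)
                for (i = 1; i <= n; i++)
                    if ($f == want[i]) next
            print
        }' "$1" || return 1
    printf '%s %s\n' "$2" "$NAMES"
}

# Look up the current address, install the new hosts file, restart dnsmasq.
apply_update() {
    ip=$(ipconfig getifaddr "${IFACE:-en0}") || return 1
    tmp=$(mktemp) || return 1
    rewrite_hosts /etc/hosts "$ip" > "$tmp" || { rm -f "$tmp"; return 1; }
    sudo cp "$tmp" /etc/hosts || { rm -f "$tmp"; return 1; }
    rm -f "$tmp"
    sudo launchctl stop homebrew.mxcl.dnsmasq
    sudo launchctl start homebrew.mxcl.dnsmasq
}

# Run only when asked to, e.g. "sh update-hosts.sh --apply" (file name assumed).
if [ "${1:-}" = "--apply" ]; then apply_update; fi
```

The DNS server address on the phone still has to be changed by hand after each move.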
This blog post by the Access Management product manager was first published @ thefatblokesings.blogspot.com, included here with permission.