Configuring users for the web app on WebSphere Application Server Liberty

Configure the users for the web app on IBM® WebSphere® Application Server Liberty by using these steps.

Before you begin

You must install WebSphere Application Server Liberty, Rational® Publishing Engine, and the web application, and then deploy the web app before you can configure the users.

About this task

For more information about how user names and passwords are stored, see Security considerations for IBM Rational Publishing Engine.

The user roles should be defined for the rpeng application only, and not the dgaas application.

Review the web app roles:

Table 1. Web app user roles
Role Capabilities
End user (rpe_user)
  • Can generate documents from the web app
  • Can view output files and logs about their document generation jobs
  • Can schedule document generation
Report designer (rpe_report_designer)
  • Can upload templates and style sheets into the web app
  • Can assemble reports
  • Can define data source connections
  • Can mark reports as available or unavailable to other users
  • Can generate documents from the web app
  • Can view output files and logs about their document generation jobs
  • Can schedule document generation
Administrator (rpe_admin)
  • Can access the Administer menu option
  • Can monitor system health, view all running jobs, and assign runtime and environment variables
  • Can generate documents from the web app
  • Can upload templates and style sheets into the web app
  • Can assemble reports
  • Can define data source connections
  • Can generate documents from the web app
  • Can view output files and logs about their document generation jobs
  • Can schedule document generation

Procedure

  1. Use the following command to stop the deployed web application:server stop serverName
  2. Open the server.xml file for the Liberty profile in the <Liberty_installdir>/server_directory/user/servers/server_name directory to configure the users and roles.
  3. In the features section, enable the following Liberty features:
    <feature>appSecurity-2.0</feature>
    <feature>servlet-3.0</feature>
  4. In the basicRegistry section, add users to the registry, for example:
    <basicRegistry id="basic" realm="WebRealm">
         <user name="rpe_user" password="xyz" />
         <user name="rpe_report_designer" password="xyz" />
         <user name="rpe_admin" password="xyz" />
    </basicRegistry>
  5. Use application binding tags to assign users to roles, for example:
    <application type="ear" location="C:\IBM\WebSphere\Liberty\usr\servers\rpeng\apps\com.ibm.rpe.web.app.ear">
        <classloader apiTypeVisibility="spec, ibm-api, api" commonLibraryRef="rcl" />
        <application-bnd>
            <security-role name="rpe_user">
                   <user name="rpe_user" />
               </security-role>
                <security-role name="rpe_report_designer">
                   <user name="rpe_report_designer" />
               </security-role>
                <security-role name="rpe_admin">
                   <user name="rpe_admin" />
               </security-role>
            </application-bnd>
        </application>
  6. Use the following command to start the deployed web application:server start serverName

Feedback