Configure the users for the web app on IBM® WebSphere® Application Server Liberty
by using these steps.
Before you begin
You must install
WebSphere Application Server Liberty,
Rational® Publishing Engine,
and the web application, and then deploy the web app before you can
configure the users.
About this task
For more information about how user
names and passwords are stored, see Security considerations for IBM Rational Publishing Engine.
The user roles should be defined for the rpeng application
only, and not the dgaas application.
Review
the web app roles:
Table 1. Web app user rolesRole |
Capabilities |
End user (rpe_user) |
- Can generate documents from the web app
- Can view output files and logs about their document generation
jobs
- Can schedule document generation
|
Report designer (rpe_report_designer) |
- Can upload templates and style sheets into the web app
- Can assemble reports
- Can define data source connections
- Can mark reports as available or unavailable to other users
- Can generate documents from the web app
- Can view output files and logs about their document generation
jobs
- Can schedule document generation
|
Administrator (rpe_admin) |
- Can access the Administer menu option
- Can monitor system health, view all running jobs, and assign runtime
and environment variables
- Can generate documents from the web app
- Can upload templates and style sheets into the web app
- Can assemble reports
- Can define data source connections
- Can generate documents from the web app
- Can view output files and logs about their document generation
jobs
- Can schedule document generation
|
Procedure
- Use the following command to stop the deployed
web application:server stop serverName
- Open the server.xml file for the Liberty profile in the <Liberty_installdir>/server_directory/user/servers/server_name directory
to configure the users and roles.
- In the features section, enable the following Liberty features:
<feature>appSecurity-2.0</feature>
<feature>servlet-3.0</feature>
- In the basicRegistry section, add users to the registry,
for example:
<basicRegistry id="basic" realm="WebRealm">
<user name="rpe_user" password="xyz" />
<user name="rpe_report_designer" password="xyz" />
<user name="rpe_admin" password="xyz" />
</basicRegistry>
- Use application binding tags to assign users to roles,
for example:
<application type="ear" location="C:\IBM\WebSphere\Liberty\usr\servers\rpeng\apps\com.ibm.rpe.web.app.ear">
<classloader apiTypeVisibility="spec, ibm-api, api" commonLibraryRef="rcl" />
<application-bnd>
<security-role name="rpe_user">
<user name="rpe_user" />
</security-role>
<security-role name="rpe_report_designer">
<user name="rpe_report_designer" />
</security-role>
<security-role name="rpe_admin">
<user name="rpe_admin" />
</security-role>
</application-bnd>
</application>
- Use the following command to start the deployed web application:server
start serverName