Revision 8568
Added by Jing Tao over 10 years ago
| configuration.rst | ||
|---|---|---|
| 62 | 62 |
|
| 63 | 63 |
http://<your_context_url>/admin |
| 64 | 64 |
|
| 65 |
Metacat uses LDAP as its primary authentication mechanism, but you can define |
|
| 66 |
your own authentication mechanism by creating a Java class that implements |
|
| 67 |
``AuthInterface``. Required configuration values are: Authentication Class, |
|
| 68 |
Authentication URL, Authentication Secure URL, and Metacat Administrators. |
|
| 65 |
Metacat uses either an internal password file or LDAP as its primary authentication mechanism. |
|
| 66 |
You can choose the authentication mechanism by selecting either AuthFile or AuthLdap class. |
|
| 67 |
We will only allow the trusted partners to access the NCEAS LDAP Server. |
|
| 68 |
If you are not in the trusted partner list, you may choose the internal password file authentication |
|
| 69 |
or set up your own LDAP server. You also can define your own authentication mechanism by creating a Java |
|
| 70 |
class that implements ``AuthInterface``. |
|
| 71 |
|
|
| 72 |
Required configuration values for the password file authentication are: |
|
| 73 |
Authentication Class, Metacat Administrators, Users Management URL and Password File Path. |
|
| 74 |
|
|
| 75 |
Required configuration values for LDAP authentication are: Authentication Class, |
|
| 76 |
Metacat Administrators, Users Management URL, Authentication URL, and Authentication Secure URL. |
|
| 77 |
|
|
| 69 | 78 |
Make sure that your user account information is entered into the Metacat |
| 70 | 79 |
Administrators field (e.g., uid=daigle,o=nceas,dc=ecoinformatics,dc=org). You |
| 71 | 80 |
will not be allowed to continue with configuration if this is missing. |
| 72 | 81 |
|
| 73 |
NOTE: To create an LDAP account on the KNB LDAP server (specified as the |
|
| 74 |
default LDAP server), go to http://knb.ecoinformatics.org and select the |
|
| 75 |
"create a new user account" link. |
|
| 82 |
NOTE: |
|
| 76 | 83 |
|
| 84 |
1. To create an account on the password file, please see the section called :doc:`authinterface`. |
|
| 85 |
|
|
| 86 |
2. To create an LDAP account on the KNB LDAP server (specified as the default LDAP server), go to https://identity.nceas.ucsb.edu and select the "create a new user account" link. |
|
| 87 |
|
|
| 77 | 88 |
If you make changes to the authentication settings, you must restart Tomcat to |
| 78 | 89 |
put them into effect. |
| 79 | 90 |
|
| 91 |
.. figure:: images/screenshots/image071.png |
|
| 92 |
:align: center |
|
| 93 |
|
|
| 94 |
Configuring Password File Authentication Values. |
|
| 95 |
|
|
| 80 | 96 |
.. figure:: images/screenshots/image009.png |
| 81 | 97 |
:align: center |
| 82 | 98 |
|
| 83 |
Configuring Authentication Values. |
|
| 99 |
Configuring LDAP Authentication Values.
|
|
| 84 | 100 |
|
| 85 | 101 |
Changing Authentication Configuration without Authentication |
| 86 | 102 |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| ... | ... | |
| 108 | 124 |
auth.administrators - a colon separated list of administrators |
| 109 | 125 |
auth.url - the authentication server URL |
| 110 | 126 |
auth.surl - the authentication secure server URL |
| 127 |
auth.file.path - the authentication password file path |
|
| 111 | 128 |
|
| 112 | 129 |
3. Save the ``metacat.properties`` file and start Tomcat. |
| 113 | 130 |
|
Also available in: Unified diff
Add the configuration for the password file authentication.