Deploying and Managing Apama Applications > Administering Dashboard Security > Authentication for local and WebSphere deployments > Installing login modules
Installing login modules
NoOpLoginModule is used by default for the Dashboard Builder, Viewer, Data Server, and Display Server. To change this, you must install the login module or modules that you want to use instead. To install login modules, do both of the following:
*Specify the login modules to use in the file JAAS.ini in the lib directory of your Apama installation.
*Create a jar file that includes your LoginModule implementation or implementations, and add the jar or its directory to APAMA_DASHBOARD_CLASSPATH (changes to this environment variable are picked up by dashboard processes only at process startup) or else add the jar or its directory to the list of External Dependencies in your project's Dashboard Properties (In Apama Studio, right click on your project and select Properties, expand Apama, select Dashboard Properties, activate the External Dependencies tab, and click the Add External button).
If your login module has dependencies on other .jar files, add these .jar files to the manifest of the login module .jar file.
Apama Studio allows you to sign your .jar files when you create a deployment package—see Preparing Dashboards for Deployment in Using Apama Studio.
Note: The login module you install can affect the Data Server or Display Server authorization behavior. If you install UserFileLoginModule, for example, the default Scenario authority will provide expanded access to users with the apama_admin role. For such users, it will grant view, edit, and delete access to all Scenario instances (in addition to granting such access to Scenario-instance owners). See Providing a login module that supports a Scenario or Event Authority for more information.
If you are installing a login module provided by Apama (see Dashboard Login Modules Provided by Apama), you do not need to create a jar file as described above, as this class is provided with your Apama installation and is included in an existing jar.
JAAS.ini supports the standard JAAS configuration file format. Each entry in the file associates an application with a login module together with a specification of the module’s parameter values. Here is a JAAS.ini that specifies the UserFileLoginModule for the Dashboard Viewer and Data Server applications:
/*
* Dashboard Builder security configuration.
*/
builder {
com.apama.dashboard.security.NoOpLoginModule required
debug=false;
};
/*
* Dashboard Viewer security configuration.
*/
viewer {
debug=false;
com.apama.dashboard.security.UserFileLoginModule required
debug=false
userFile="<INSTALL_PATH>\\etc\\dashboard-users.xml"
refreshDelay="5000";
};
/*
* Dashboard DataServer security configuration.
*/
dataServer {
debug=false;
com.apama.dashboard.security.UserFileLoginModule required
debug=false
userFile="<INSTALL_PATH>\\etc\\dashboard-users.xml"
refreshDelay="5000";
};
Important! Do not change the login module associated with the Dashboard Builder.
Copyright © Software AG, Darmstadt, Germany and/or Software AG USA Inc., Reston, VA, USA, and/or its Subsidiaries and or/its Affiliates and/or their licensors.
Use, reproduction, transfer, publication or disclosure is prohibited except as specifically provided for in your License Agreement with Software AG.