Universal Messaging 10.5 | Concepts | Security | Authentication | Using SASL | Server-side Authentication | Directory Backend | Internal User Repository
 
Internal User Repository
If the Nirvana.directory.provider system property is set to com.pcbsys.foundation.security.auth.fSAGInternalUserRepositoryAdapter, then usernames will be looked up in a standard Software AG store called the 'Internal User Repository', which is a flat file maintained by the Software AG command-line utility internaluserrepo.bat (Windows platforms) or internaluserrepo.sh (UNIX-based platforms). This utility is located in <InstallDir>/common/bin.
This mechanism is the default user repository if the Nirvana.directory.provider property is not set.
You can use the following syntax to add a user myuser1 with a password mypwd1 to the internal user repository.
internaluserrepo.bat -f <path_to_users.txt> -c -p mypwd1 myuser1
The location of the file containing the internal user repository is given by the system property Nirvana.auth.sagrepo.path, and would default to ./users.txt (relative to the runtime directory of the Universal Messaging server), but the Server_Common.conf file shipped with Universal Messaging overrides this as ../users.txt, locating it in the same <InstallDir>/UniversalMessaging/server/<InstanceName> directory as the licence.xml file.
The entry in Server_Common.conf looks like this:
wrapper.java.additional.18=-DNirvana.auth.sagrepo.path=../users.txt
The Server_Common.conf file may of course be edited as usual to move the users.txt file into a location that is shared by all the realms of an installed Universal Messaging instance.
You should also set up the following configurations in the Server_Common.conf file, to ensure that basic authentication is activated and mandatory:

wrapper.java.additional.19=-DNirvana.auth.mandatory=Y
// This makes basic authentication mandatory.
// Calls not supplying the credentials in this case will be rejected.
wrapper.java.additional.20=-DNirvana.auth.enabled=Y
// This enables the basic authentication feature,
// but it is not mandatory to supply credentials.
If you add users to the internal user repository, you should also set up Universal Messaging server ACLs for these users, specifying e.g. myuser1@hostname, and give appropriate or full control.
Note: 
*To activate any changes you make, you need to restart the Universal Messaging server.
*More details about the utility internaluserrepo and its options are available in the Software AG document Command Central Help.