Configuration Types for Command Central and Platform Manager OSGI ENGINE
The OSGI-CCE-ENGINE and OSGI-SPM-ENGINE run-time components support creating configuration instances of the configuration types described in the following table.
Configuration type | Supported on | Use to configure... |
COMMON-CREDENTIALS | OSGI-CCE-ENGINE | The user credentials to add and store for a specific alias. You create a configuration instance with the specified alias and then retrieve the stored credentials with the sagcc get configuration data command to use when connecting to a repository or a remote machine. See also COMMON-CREDENTIALS Usage Notes |
COMMON-JAAS | OSGI-CCE-ENGINE, OSGI-SPM-ENGINE | The JAAS login modules to use for authentication and authorization, for example to allow authentication against external user stores. See also COMMON-JAAS Usage Notes |
COMMON-LICENSE | OSGI-CCE-ENGINE | The Command Central license file. |
COMMON-LICLOC | OSGI-CCE-ENGINE | Retrieve the location of the Command Central license file. |
COMMON-SYSPROPS | OSGI-CCE-ENGINE, OSGI-SPM-ENGINE | The monitoring or inventory parameters, for example the polling interval at which to monitor products for run-time status. |
SIN-INTERNAL-GROUPS | OSGI-CCE-ENGINE, OSGI-SPM-ENGINE | The groups in the internal user stores. |
SIN-INTERNAL-ROLES | OSGI-CCE-ENGINE, OSGI-SPM-ENGINE | The user roles in the internal user stores. |
SPM-NODEID | OSGI-SPM-ENGINE | The internal unique ID of Platform Manager. Command Central manages unique IDs automatically. Before you customize the unique ID of a Platform Manager, run cc list landscape nodes to view the list of IDs already registered with Command Central. Each Platform Manager must have a unique ID in the Command Central landscape. |
COMMON-CREDENTIALS Usage Notes
Following is an example of adding user-defined credentials:
The alias and the credentials details required to create a new instance of the COMMON-CREDENTIALS configuration type is in the custom_cred.xml file. To create the new configuration instance for the run-time component with the ID “OSGI-CCE-ENGINE” that is installed in the installation with name “local”:
sagcc create configuration data local OSGI-CCE-ENGINE COMMON-CREDENTIALS
-i custom_cred.xml
To retrieve the configuration details for the configuration instance with ID "COMMON-CREDENTIALS-myalias" for the run-time component with the ID “OSGI-CCE-ENGINE” that is installed in the installation with name “local”, use the following command:
sagcc get configuration data local OSGI-CCE-ENGINE COMMON-CREDENTIALS-myalias
The COMMON-CREDENTIALS configuration type has the following default configuration instances that you can retrieve using the
sagcc list configuration instances command, but you cannot delete or edit:
COMMON-CREDENTIALS-DEFAULT_ADMINISTRATOR - used when a product or repository requires basic authentication and includes default username and password for the Administrator user.
COMMON-CREDENTIALS-NONE - used when no authentication is required, for example to connect to a public github repository.
COMMON-CREDENTIALS-TRUSTED - used for trusted authentication with Software AG products or mirror repositories hosted by Platform Manager version 10.0 or higher.
COMMON-JAAS Usage Notes
To modify the JAAS configuration file, use either the Command Central web user interface or
sagcc update configuration data. The JAAS configuration files for Command Central and Platform Manager are located here:
For Command Central
Software AG_directory\profiles\CCE\configuration\security \jaas.config
For Platform Manager
Software AG_directory\profiles\SPM\configuration\security \jaas.config
You can configure a domain parameter for the InternalLoginModule and the LDAPLoginModule. Command Central uses the value of the domain parameter to determine whether to verify the user against the internal user repository or against an LDAP user store. For example, when you specify the following domain values:
com.softwareag.security.jaas.login.internal.InternalLoginModule required
domain="int"
com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule required
domain="sag"
If a user logs on with int\Administrator, Command Central logs on the user through the Internal login module. If a user logs on with sag\Administrator, Command Central logs on the user using the LDAP login module. If you do not configure a domain for the InternalLoginModule or the LDAPLoginModule, the login module without a domain parameter logs on all users.