Configuring Internal Authentication Type
Pre-requisites:
To perform administration tasks on the internal authentication file through the CentraSite Command Line Interface, you must have the CentraSite Administrator role.
The Internal Authentication type allows you to authenticate a user against a set of user names and passwords that are maintained in a text file on the CentraSite Registry or Repository. Passwords are stored in SHA-512 hashed format, they cannot be decrypted. All user names and passwords are case-sensitive.
A typical use of such an authentication type would be during the initial set-up and testing of all required CentraSite components. In a production environment, one would typically use a central repository, for example, Microsoft Active Directory or LDAP, instead of Internal authentication.
The domain name for the Internal authentication type is always INTERNAL; this cannot be changed. A user who is registered in the text file can log in using the domain and name INTERNAL\<UserName> , where <UserName> is the registered user name.
The Internal user repository initially contains one predefined user named Administrator with the password manage. This user logs in using the domain and user name INTERNAL\Administrator. If your default authentication configuration is the Internal configuration, this user can log in using just the user name Administrator, without specifying the domain name explicitly.
You can perform administration tasks on the Internal authentication file, such as adding users, deleting users, and changing passwords.
CentraSite provides a command tool named internaluserrepo for this purpose.
You execute the command internaluserrepo in the command line tool internaluserrepo.bat (Windows) or internaluserrepo.sh (UNIX). The tool is located in the directory <Software AG_directory>\common\bin\. The internal authentication (.txt) file is located at <Software AG_directory>\common\conf\users.txt on all systems.
Caution: | As soon as possible after completing installation, you should change the password that is associated with the user Administrator. |
The dialog for creating a configuration for Internal authentication prompts for the following values:
Parameter | Description |
Domain ID | The domain ID is always INTERNAL. This cannot be changed. |
Expiration | The number of seconds that the user is cached in the server after successful authentication. Changes made to the user, for example, deletion or password changes, do not take effect until this time has elapsed. |
To modify the Internal authentication file
Run the command internaluserrepo. The syntax is of the format: