Security (Aspire 2)

From wiki.searchtechnologies.com
Jump to: navigation, search

For Information on Aspire 3.1 Click Here

Description

The Aspire System Administration user interface can be configured to use security. When configured, whenever a user tries to access the UI via a browser, it will be redirected to a login page. After the session is authenticated successfully, access to all pages can continue as normal.

By default, security is disabled.

Configuration

Access the settings.xml file in your distribution under the config folder.

1. Add the following element (if not present):

  <authentication>
    <type>None</type>
  </authentication>

2. Change the authentication type based on your needs. Currently, there are three options:

  1. None: No security is used. All access to the administration pages is unrestricted.
  2. ConfigFile: Uses the default administrator user ("admin"). The password is retrieved from top level application properties (inside the properties section).
  3. Ldap: Use a LDAP server to grant access to Aspire. LDAP authentication can use none, simple and DIGEST-MD5, it can also filter by group. In case that group it is not specified, LDAP authentication only validates that the user exist.
    <!-- System properties -->
    <properties>
      <property name="adminPassword">searchtech</property>
    </properties>
  
      <ldapConfig>
	<config>
	  <server>ldap://localhost:389</server>
	  <authentication>simple</authentication>
	  <searchBase>dc=localhost, dc=com</searchBase>
	  <group>OU=Users,OU=Group</group>
        </config>
      </ldapConfig>
  

It is recommended that you encrypt the admin password. See Password Encryption for details on how to do that.