| h1. Security |
| |
| Every management application requires authentication and authorization. In our case both are controlled by Wicket. But from technology point of view there is also second element which provides information about users and roles - JAAS. |
| |
| By default Webconsole uses JAAS to authenticate users and grant them roles. |
| |
| h2. JAAS Configuration |
| |
| Realm used by webconsole is named "karaf". If you would like to change realm name please check the [branding] page. This realm may be configured in different ways, depending on environment you run. If you run webconsole on Karaf this realm is default. How to add new users and grant them new roles then? Using *$KARAF_HOME/etc/users.properties* file. Let check what do we have by default in this file: |
| |
| {code} |
| karaf=karaf |
| {code} |
| |
| We have user named 'karaf' with password 'karaf' and no roles assigned. Because we do require roles we need to modify this file a bit: |
| |
| {code} |
| karaf=karaf,admin |
| {code} |
| |
| After password we can pass list of roles separated by commas assigned to account. |
| |
