By default, EAServer does not have a default authentication service installed. Only the jagadmin user is authenticated. Authentication is enabled either by installing a custom authentication service (see html/ir/CtsSecurity__AuthService.html in your EAServer installation directory), or by installing a JAAS login module.
EAServer provides a sample server side JAAS login module. To install the sample JAAS login module in EAServer:
From EAServer Manager, select Server Properties | Security, and set the JAAS configuration file to $JAGUAR/html/classes/Sample/JAAS/jaas.cfg.
Select Server | Advanced | All Properties tab, and if necessary, define a new property com.sybase.jaguar.server.jaas.section. Set the value of this property to UsernamePasswordBased.
Restart the server.
The jaas.cfg file points to your $JAGUAR/html/classes/Sample/JAAS/users.xml file, which contains two users, jagadmin and anonymous. By default, jagadmin is a member of the Admin role and anonymous is a member of the WebConsole_ReadOnly role. If you log in to the Web console as anonymous, and use the password “pwd,” you see that changes made to server profiles, preferences, and so on, persist only for the length of your session (until you log out or the session times out).
Check with your EAServer administrator before making
any changes. For more information see the JAAS Web site.
This modified users.xml file illustrates how you can implement authentication using a JAAS login module:
<?xml version="1.0" encoding="UTF-8" ?> <user_info policy="MD5"> <user> <name>jagadmin</name> <description>com.sybase.jaguar.server.jaas.section=UsernamePasswordBased </description> </user> <user> <name>anonymous</name> <description /> <password>pwd</password> </user> <user> <name>new_user</name> <description /> <password>pwd</password> </user> </user_info>
