
XML Security Realm

Setting up

  1. Open the desired profile for off-line editing through the Profile Manager using Studio.
  2. Modify the Implementation property of Principal Manager and ACL Manager to XML.

    Reference

    For more information on how to modify ACL Manager and Principal Manager, refer to the 7.4 Modifying ACLManager Implementation section and the 7.5 Modifying Principal Manager Implementation section respectively in the FioranoMQ documentation.

  3. Configure Principal Manager and ACL Manager.
  4. Right-click the FES/FPS node and select Save from the pop-up menu.

Configuring Principal Manager

UserFileName: The name and path of the XML file containing user information. The default is user.xml.
GroupFileName: The name and path of the XML file containing group information. The default is group.xml.
Path: The absolute or relative path where the user and group files are stored. If an absolute path is specified, the user and group files are saved to that location; if a relative path is specified, they are saved to [FIORANO_DB_PATH]\[relative path entered], which by default for FES is %FIORANO_HOME%\runtimedata%selectedProfile%\FES\run\realm\principal.

Configuring ACL Manager

FileName: The name and path of the XML file containing user information. The default is acl.xml.
MaxAcePerACL: Maximum number of entries that an ACL can store. Default is 100.
Path: The absolute or relative path where the XML files are stored. If an absolute path is specified, the user and group files are saved to that location; if a relative path is specified, the user and group files are saved to [FIORANO_DB_PATH]\[relative path entered], which by default is %FIORANO_HOME%\runtimedata%selectedProfile%\FES\run\realm\principal.

Sample XML files

User.xml
<?xml version="1.0"?>
<UserManager>
  <User>
    <Name>ADMIN</Name>
    <Password></Password>
  </User>
  <User>
    <Name>Anonymous</Name>
    <Password></Password>
  </User>
</UserManager>

Where:

  • <UserManager> Root element of the UserManager.
  • <User> The UserManager may consist of one or more users.
  • <Name> The name of the user. This identifies the user entry and is referenced in the ACLs and groups.
  • <Password> The password of the user. This is stored in encrypted form. Hence, it cannot be specified from outside the system.

Group.xml
<?xml version="1.0"?>
<GroupManager>
  <Group>
    <Name>EVERYONE</Name>
  </Group>
</GroupManager>

Where:

  • <GroupManager> Root element of the GroupManager.
  • <Group> The GroupManager may consist of one or more groups.
  • <Name> The name of the group. This is used to identify the group entry and is used in the ACL table.
  • <Member> A group can consist of one or more members. These members must exist in the user table.

acl.xml
<AclManager>
  <ACL>
    <Name>LOOKUP</Name>
    <AclEntry Type="POS">
      <Principal>EVERYONE</Principal>
      <Permission>LOOKUP</Permission>
    </AclEntry>
  </ACL>
</AclManager>

Where:

  • <AclManager> Root element of the ACL DTD.
  • <ACL> The AclManager consists of one or more ACLs, each of which holds all the information about that ACL.
  • <Name> The name of the ACL.
  • <AclEntry> An ACL consists of one or more AclEntry elements, each of which can be negative (NEG) or positive (POS).
  • <Principal> An AclEntry consists of a Principal, which can be a user or a group.
  • <Permission> An AclEntry consists of 0 or 1 permission to perform certain tasks.
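
An offline consistency check for the three realm files described above, added here as an example; it is not part of the Fiorano documentation or product. The function name audit_realm and the sample data are constructed, and placing <Member> directly under <Group> is an assumption, since the page's Group.xml sample shows no member.

```python
import xml.etree.ElementTree as ET

# Constructed sample realm files following the element layout described above.
USERS = """<UserManager>
  <User><Name>ADMIN</Name><Password></Password></User>
  <User><Name>Anonymous</Name><Password></Password></User>
</UserManager>"""
# Assumption: <Member> elements are direct children of <Group>.
GROUPS = """<GroupManager>
  <Group><Name>EVERYONE</Name><Member>ADMIN</Member><Member>ghost</Member></Group>
</GroupManager>"""
ACLS = """<AclManager>
  <ACL><Name>LOOKUP</Name>
    <AclEntry Type="POS"><Principal>EVERYONE</Principal><Permission>LOOKUP</Permission></AclEntry>
    <AclEntry Type="ALLOW"><Principal>nobody</Principal></AclEntry>
  </ACL>
</AclManager>"""

def audit_realm(users_xml, groups_xml, acls_xml, max_ace_per_acl=100):
    """Return a list of consistency findings across the three realm files."""
    findings = []
    users = {u.findtext("Name") for u in ET.fromstring(users_xml).iter("User")}
    groups = set()
    for g in ET.fromstring(groups_xml).iter("Group"):
        name = g.findtext("Name")
        groups.add(name)
        for m in g.findall("Member"):  # members must exist in the user table
            if m.text not in users:
                findings.append(f"group {name}: member {m.text} not in user file")
    for acl in ET.fromstring(acls_xml).iter("ACL"):
        name = acl.findtext("Name")
        entries = acl.findall("AclEntry")
        if len(entries) > max_ace_per_acl:  # default MaxAcePerACL is 100
            findings.append(f"acl {name}: {len(entries)} entries exceed MaxAcePerACL")
        for e in entries:
            principal = e.findtext("Principal")
            if e.get("Type") not in ("POS", "NEG"):
                findings.append(f"acl {name}: entry type {e.get('Type')} is not POS or NEG")
            if principal not in users and principal not in groups:
                findings.append(f"acl {name}: principal {principal} is not a known user or group")
            if len(e.findall("Permission")) > 1:
                findings.append(f"acl {name}: entry for {principal} has more than one permission")
    return findings

if __name__ == "__main__":
    for finding in audit_realm(USERS, GROUPS, ACLS):
        print(finding)
```

Run it against copies of the realm files after manual edits; a principal that resolves to no user or group usually means a typo or a stale entry left behind after a user was removed.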