Hyrax - Administrators Interface

From OPeNDAP Documentation
Revision as of 00:21, 10 June 2011 by Ndp (talk | contribs) (Details)

1 Overview

2 Installation & Configuration

2.1 BES

2.2 OLFS

The HAI is a regular part of the OLFS distribution and simply needs to be enabled by configuring the OLFS to communicate with the BES admin port, and Tomcat to allow you to access the UI.

2.2.1 olfs.xml

In the olfs.xml file you will need to add (or uncomment) the following for each BES:


You will need to manually verify that the value of the adminPort element is the same as the BES.DaemonPort parameter specified in the bes.conf file for that BES instance.

2.2.2 Tomcat Users

You will need to configure Tomcat to support container managed security, by connecting to an existing "database" (aka Realm) of usernames, passwords, and user roles. Tomcat supports several authentication Realms including LDAP. What follow are simple instructions for getting a Memory-Realm working.'The Memory-Realm is not for production use, and the example is provided only as a mean by which to easily demonstrate and allow one to test the HAI features.

Look here from more information on Tomcat and other suthentication Realms how-to
  1. Edit the file $CATALINA_HOME/conf/tomcat-users.xml
  2. Add a user whose role is "manager".
    <user username="admin" password="foo" roles="manager,hyrax-manager" />
    And be sure to make the password something better than "foo".
  3. done.

2.2.3 Tomcat SSL

In order to use the HAI you will need to configure your tomcat instance to enable SSL (see. How to accomplish this is covered in detail here at the Tomcat site.

From their Quick Start section:

2.2.4 Olfs Details

The HAI servlet (as part of the Hyrax web application) utilizes a <security-constraint> element, and a <login-config> element that define how administrators are required to authenticate themselves.

In the case of the HAI we use BASIC authentication over an SSL channel. The <transport-guarantee> ensures that the url's defined <web-resource-collection> can only be accessed via a secure channel:

           <web-resource-name>Hyrax Admin Interface</web-resource-name>


3 OLFS Log Viewer

4 BES Log Viewer

5 BES Controls