Administrator

Web Portal Access to Mobiliser

The Web portals provide two different system level users to gain access to Mobiliser.

The first user is defined along with the URL to the preferences service as a Java Naming and Directory Interface (JNDI) string resources (usually in conf/context.xml).

The configuration URL consists of multiple parts:
<scheme>://<user>:<password>@<host:port>/<path>?pollInterval=
<interval>&clientType=<clientType>&applicationIdentifier=
<applicationIdentifier> 
Fragment Description
scheme Defines the scheme values: prefs and prefss . If prefss is set, the connection is done via HTTPS; otherwise, HTTP is used.
user Defines the user who accesses the preferences services. The default user is prefsread, which has the minimum set of roles configured to access the services.
password This password must match that of the configured user in the platform.
host:port Defines the host name and the port at which the platform is accessible.
path Defines the URL path, usually mobiliser/rest/prefs, to the service.
interval Sets the time interval, in milliseconds, between checks for new configuration with the server.
clientType Indicates the protocol to use when calling the service. Default is "json".
applicationIdentifier Identifies the configuration set being used.  The preferences option allows multiple configuration trees; each of which is identified by an applicationIdentifier. The standard configuration generally uses both of these configuration sets:
  • businesslayer is for the back end (Mobiliser).
  • presentationlayer is used by the Web portals.
You can grant read and write access to the applicationIdentifiers individually.

The Web portal instance uses the environment user (prefs2/config) to access the preferences, which run as part of the Mobiliser feature. The user has access only to the services that allow read access to preference information.

The configuration data from preferences contains all other application-level configuration, including the user that is used for subsequent service calls from the portal to the platform.

Some data, such as passwords, are stored in the preferences in an encrypted format. The key for decrypting the data is also stored as a JNDI string resource, with the name "prefs/secret". If you change this value, reencrypt all the encrypted data stored in preferences (for the given applicationIdentifier) using the command line tool and SQL, or the Operations Dashboard preferences functionality.

By default, the Web portal uses the "mobiliser" user to make service calls to the back end; configure the user name and password in preferences. The password, which is stored encrypted in preferences, must match the hashed password that is stored for the corresponding user (mobiliser) in the database (MOB_CUSTOMERS_CREDENTIALS).

For security reasons, the password is not set in the standard configuration. Set it manually during the platform installation and setup.


webPortalAccessToMobiliserPlatform