Password Protect escenic-admin
escenic-admin
is a web application for administration of the
Content Engine.
In a default installation it is installed without password protection.
escenic-admin
is, however, a powerful tool and should
definitely not be openly accessible in a production environment. You are
therefore strongly recommended to limit access to a small group of
competent users.
To password protect escenic-admin
:
-
Set
escenic-admin-authentication = true
in theassemblytool
properties file before running the assemblytool (see Initialize the Assembly Tool). -
Define one or more user log-ins for
escenic-admin
in Tomcat'stomcat-users.xml
file.
To define an escenic-admin
user in Tomcat, you need
to add an entry like this to tomcat-users.xml
:
<user username="admin-user" password="admin-password" roles="ECEAdmin"/>
where:
-
admin-user is the user name you want to use for logging in to
escenic-admin
-
admin-password is the password you want to use for logging in to
escenic-admin
It is obviously not a good idea to enter the password in this file as plain text. For a description of how to encrypt the password, see http://www.jdev.it/encrypting-passwords-in-tomcat/.