User Authorization for Administrator and User Roles
MM authorization uses two preconfigured roles.
These roles are specified in the provided passwords file that is used for file-based authentication:
BE_HOME/mm/config/users.pwd
The file as shipped contains the following entries:
jdoe:A31405D272B94E5D12E9A52A665D3BFE:MM_ADMINISTRATOR; mm_user:11b2016b63c99ef7ab6d6d716be7b78e:MM_USER; admin:21232f297a57a5a743894a0e4a801fc3:MM_ADMINISTRATOR;
If you add more users ensure that they have the appropriate role. Note that role names are case sensitive:
- MM_ADMINISTRATOR: Users with this role can execute methods, for example to deploy, start, and stop engines, and invoke method operations
- MM_USER: Users with this role can view MM Console, but cannot deploy, start, or stop engines, or invoke method operations
Note: To use LDAP authentication, you must add these roles in the LDAP directory for the relevant users.
See User Authentication for more on authentication topics, and configuring the password file.
Copyright © TIBCO Software Inc. All Rights Reserved.