Hawk WebConsole Users
Hawk WebConsole can be configured to authenticate Hawk users against the following types of user repositories and these authentication types need to be set in the following section of web.xml
.
<!-- Hawk Users Authentication provider type, supported types are FILE or LDAP or DATABASE -->
<context-param>
<param-name>auth_type</param-name>
<param-value>FILE</param-value>
</context-param>
Default auth_type
is FILE that is, File based user repository is used.
Database (RDBMS) based User Repository
In the DATABASE based configuration, the users and passwords are stored in the database.
To use this configuration, change auth_mode to DATABASE in web.xml:
<context-param>
<param-name>auth_type</param-name>
<param-value>DATABASE</param-value>
</context-param>
Note |
To use |
The user authentication information is stored in a table called hawk_user
s.
For example, to add a new user (admin/admin), Administrator needs to run the following SQL script:
INSERT INTO hawk_users (user_name, password) VALUES ('admin', 'admin');
OR
INSERT INTO hawk_users (user_name, password) VALUES ('admin', '232f297a57a5a743894a0e4a801fc3');
Note |
The password can be in plain text or MD5 hashed. |
LDAP Based User Repository
In the LDAP based configuration, the users and passwords are stored in LDAP/AD.
To use this configuration, change auth_mode to LDAP in web.xml
:
<context-param>
<param-name>auth_type</param-name>
<param-value>LDAP</param-value>
</context-param>
Configure LDAP properties in web.xml:
<!-- If authentication type is LDAP, configure LDAP properties -->
<context-param>
<param-name>ldap_host</param-name>
<param-value>10.97.107.21</param-value>
</context-param>
<context-param>
<!--If not configured, default port 389-->
<param-name>ldap_port</param-name>
<param-value>389</param-value>
</context-param>
<context-param>
<param-name>ldap_adminDN</param-name>
<param-value>CN=eric,CN=Users,DC=pmqa,DC=com</param-value>
</context-param>
<context-param>
<param-name>ldap_admin_password</param-name>
<param-value>Search123</param-value>
</context-param>
<context-param>
<param-name>ldap_baseDN</param-name>
<param-value>DC=pmqa,DC=com</param-value>
</context-param>
<context-param>
<!--If not configured, default value is 'uid'-->
<param-name>ldap_uid_attr</param-name>
<param-value>cn</param-value>
</context-param>
<context-param>
<!--If not configured, default value is '*' -->
<param-name>ldap_object_class</param-name>
<param-value>*</param-value>
</context-param>
File Based User Repository
In the File based configuration, the users and passwords are stored in the hawkusers.xml
file. To configure file based authentication:
1. | Change the auth_mode to FILE in web.xml as follows: |
<context-param>
<param-name>auth_type</param-name>
<param-value>FILE</param-value>
</context-param>
2. | Configure the hawkusers.xml file as follows: |
<!-- Hawk Users file for FILE based authentication -->
<context-param>
<param-name>hawk_users_file</param-name>
<param-value>/hawk_users.xml</param-value>
</context-param>
Store the Hawk users file in the location HAWK_HOME\webconsole\tomcat\webapps\WEB-INF\conf
. It has the following format:
<user username="<username
>" password="<MD5 hashed password or Plain text password
>" roles="<user role
>"/>