Security related information (user, groups, and ACLs) is by default stored in file-based data store inside runtimedata directory of the server. Using Fiorano Studio Profile Manager, the implementation can be changed before starting the server to LDAP, RDBMS or XML type storage. This section explains the configuration steps required to change the implementation.
Security Related MBeans
Security related components are found in default ESB profiles in Fiorano > Security domain. Object Names for these components are:
- Fiorano.security:ServiceType=RealmManager,Name=SecuritySubSystem
- Fiorano.security.AclManager:ServiceType=AclManager,Impl=FILE,Name=NativeFileBasedAclManager
- Fiorano.security.PrincipalManager:ServiceType=PrincipalManager,Impl=FILE,Name=NativeFilePrincipalManager
Figure 1: Security related components
The figure above shows the position of these components in the component tree as seen from an off-line configuration tool (the Profile Manager).
Modifying ACLManager Implementation
- Open the profile for off-line editing through the Profile Manager
- Browse the tree to reach the node Fiorano > security > AclManager. Click on the current ACL Manager MBean.
- In the properties panel, click on the value of the Implementation property and choose the desired value from the drop-down menu.
Figure 2: Implementation property to modify ACLManager implementation - Right-click the FES node and select Save from the pop-up menu.
Modifying Principal Manager Implementation
- Open the desired profile for off-line editing through the Profile Manager.
- Browse the tree to reach Fiorano > security > PrincipalManager and click on the current Principal Manager Mbean as shown in the figure below.
- In the property panel click on the value of the Implementation property and choose a desired value from the drop-down list.
Figure 3: Implementation property to modify Principal Manager implementation - Right-click on the FES node and select Save from the pop-up menu