Changing Security Database Implementation
Security-related information (user, groups, and ACLs) is by default stored in a file-based data store inside the runtimedata directory of the server. Using Fiorano Studio Profile Manager, the implementation can be changed before starting the server to LDAP, RDBMS or XML-type storage. This section explains the configuration steps required to change the implementation.
Security Related MBeans
Security-related components are found in default ESB profiles in Fiorano > Security domain. Object Names for these components are:
- Fiorano.security:ServiceType=RealmManager,Name=SecuritySubSystem
- Fiorano.security.AclManager:ServiceType=AclManager,Impl=FILE,Name=NativeFileBasedAclManager
- Fiorano.security.PrincipalManager:ServiceType=PrincipalManager,Impl=FILE,Name=NativeFilePrincipalManager
Figure 1: Security related components
The figure above shows the position of these components in the component tree as seen from an off-line configuration tool (the Profile Manager).
Modifying ACLManager Implementation
- Open the profile for off-line editing through the Profile Manager
- Browse the tree to reach the node Fiorano > security > AclManager. Click on the current ACL Manager MBean.
- In the properties panel, click on the value of the Implementation property and choose the desired value from the drop-down menu.
Figure 2: Implementation property to modify ACLManager implementation - Right-click the FES node and select Save from the pop-up menu.
Modifying Principal Manager Implementation
- Open the desired profile for off-line editing through the Profile Manager.
- Browse the tree to reach Fiorano > security > PrincipalManager and click on the current Principal Manager Mbean as shown in the figure below.
- In the property panel, click on the value of the Implementation property and choose a desired value from the drop-down list.
Figure 3: Implementation property to modify Principal Manager implementation - Right-click on the FES node and select Save from the pop-up menu
