9.2.4 Authentication in HTML Adaptor

9.2.4.1 Enabling Authentication

9.2.4.2 Adding User Name and Password

9.2.4.3 Deleting user name and password

HTML Adaptor of AdventNet Agent Toolkit supports authentication feature. A simple challenge-response authentication mechanism is adopted, where the server may challenge the client and the client responds with the authentication information. When a user connects to the agent through the HTML Adaptor, authentication is done based on user name and password.

9.2.4.1 Enabling Authentication

Authentication of users will be done only when the Authentication feature is enabled. This feature can be enabled either from the JMX Compiler user interface or  using API calls.

9.2.4.1.1 Using JMX Compiler UI

Follow the steps given below to enable the authentication feature from the JMX Compiler UI. 

1. Select Project->Settings menu option, the Settings dialog appears.

2. Select Adaptors->HTML->Authentication option from the tree in the Settings dialog.

3. Enable the Authentication option in the HTML Authentication panel that appears on the right hand side.

Now, on generating code for the agent, code is generated to authenticate the users when they connect to the agent using HTML Adaptor. The user entries that have been added are stored in a text file, HtmlAuthTable.txt. This file is created under the <projectdir>/agent/bin/etc directory with the default entry.  

If user entries are not added from the UI before generating the code , the file is created with a default user entry, where user name and password are  jmx and root respectively. The users may be of two types: Administrator(1) or Normal(2). The default user has access type as Administrator.

9.2.4.1.2  Using API

The authentication feature can be enabled by adding the following code (shown in bold) to the registerAdventNetAdaptors() method in the agent's main file:

htmladaptor= new HtmlAdaptor();

htmladaptor.setParentDir(agentDir);

htmladaptor.registerAuthentication();

htmladaptor.addHttpServerInterface(new HtmlAdaptorServerImpl());

name = "Adaptors:type=HTMLAdaptor";

server.registerMBean(htmladaptor, new ObjectName(name));

htmladaptor.setLogFile("agentDir/jmxprojects/<projectname>/agent/bin/HtmlNotif.ser");

The line of code ( shown in bold in the above code snippet) when added to the agent's main file, enables Authentication support. When you enable authentication using APIs, the HtmlAuthTable.xml file present in the <Agent Toolkit Home>/etc directory has to

be copied to the <projectdir>/agent/bin/etc directory.

In addition to this check if the, the text file HtmlAuthTable.txt is present in the <projectdir>/agent/bin/etc  directory. If it is not present then it has to be copied from <Agent Toolkit Home>/etc directory and placed here. For a user  entry having User name, Password and Access type values of jmx, root and Admin(1) respectively, the contents of the file are as shown below:

<?xml version="1.0" encoding="UTF-8"?>

<Table>

<row>

<column name="user" value="jmx" ></column>

<column name="password" value="root" ></column>

<column name="accessType" value="1" ></column>

</row>

</Table>

9.2.4.2 Adding User Name and Password

In case user entries were added from the JMX compiler user interface, the HtmlAuthTable.txt file is created with these entries. Otherwise the text file is created with the default user name and password entries of jmx and root respectively. New user entries  can

be added by any one of the following ways:  

• Using the JmxCompiler UI (requires re-generation of code)

• Modifying the HtmlAuthTable.txt  ( requires the agent to be restarted)

• Admin user can add other users dynamically during run time from the HTML console (Web browser).

9.2.4.2.1 Using JMX Compiler UI

User entries may be added from the JMX compiler user interface before generating code for the agent. If entries are added after code generation, the code has to be re-generated. Follow the steps given below to add user name and password from the JMX Compiler user interface: 

1. Select Project->Settings menu option. The Settings dialog appears.

2. Select Adaptors->HTML->Authentication option from the tree in the Settings dialog.

3. Ensure Authentication option is enabled.

4. Click the Add button at the bottom of the table. 

5. Enter the following values in the dialog that appears:

• User Name

• Password

• Type of User ( Administrator(1) or Normal(2))

6. Press OK button.

Any number of users can be added for authentication using the above option. All the user entries made from the UI are persisted in the HtmlAuthTable.txt file during code generation.

9.2.4.2.2 Editing HtmlAuthTable.txt

The HtmlAuthTable.txt file is present in the <projectdir>/agent/bin/etc directory. User name,  password, and access type entries can also be added directly to the HtmlAuthTable.txt file. There are two types of users having access type Normal or Administrator.

To add a sample entry with the following values, user name: xyz, password: mypass, and access type: normal (2), the following lines should be added to the HtmlAuthTable.txt file:

<row>

<column name="user"  value="xyz" ></column>

<column name="password"  value="mypass" ></column>

<column name="accessType"  value="2" ></column>

</row>

As the HtmlAuthTable.txt file is read by the agent only while starting the agent, the user entries added to the file while the agent is running are reflected only when the agent is restarted.

9.2.4.2.3 From HTML Client (Web server)

The user name and password entries can also be added from the HTML client (Web server). This is possible only if the user has logged in as an administrator, i.e., with Admin(1) access. Follow the steps given below to add user name and password entries.

1. Connect to the agent through the HTML Adaptor from a Web browser by specifying the URL: http://<agentHost>:<portnumber>

2. Login as Admin user (Default user name: jmx and password:root have access as Administrator)

3. Select User Operations link from the Admin  section in the Main Page. A page is displayed with links: HtmlAuthTable and HttpAuthTable (only if agent has a HTTP connector with authentication enabled). 

4. Select the HtmlAuthTable link. The user entries are presented in table format. 

5. Use the New Row button at the bottom of the page to add new entries.

6. Enter the User name, Password and Access type. 

7. Press Add Row button. 

The new user entry is added now and this entry will be persisted in the HtmlAuthTable.txt file.

9.2.4.3 Deleting user Name and Password

The user entries can be deleted by any one of the following methods:

9.2.4.3.1 From JMX Compiler UI

The JMX Compiler user interface allows you to view the HtmlAuthTable. All the user entries are listed in the table. Follow the steps given below to delete an entry: 

1. Select Project->Settings menu option. The Settings dialog appears.

2. Select Adaptors->HTML->Authentication option from the tree in the Settings dialog.

3. Ensure Authentication is enabled, the HtmlAuthTable is displayed. 

4. Select the rows to be deleted.

5. Press the Delete button at the bottom of the table. The selected entries are deleted.

9.2.4.3.2 Editing the HtmlAuthTable.txt file

The user entry can also be deleted by editing the HtmlAuthTable.txt file present in the <projectdir>/agent/bin/etc directory. This can be done by deleting the rows corresponding to the user entry in the text file. But these changes will be reflected only when the agent is restarted.

A sample entry was given in the section Adding User name and passwords. In order to delete this entry from the text file, the following lines (that were inserted while adding the entry) must be deleted from the file.

<row>

<column name="user"  value="xyz" ></column>

<column name="password"  value="mypass" ></column>

<column name="accessType"  value="2" ></column>

</row>

9.2.4.3.3 From HTML Client (Web browser)

User entries can be deleted at agent run time using the HTML Client (Web browser). This can be done only if you have logged in as an administrator. Follow the steps given below to delete a User entry from the HTML Client:

1. Connect to the agent through the HTML Adaptor from a Web browser by specifying the URL: http://<agentHost>:<portnumber>

2. Login as Admin user (Default user name: jmx and password:root have access as Administrator).

3. Select Auth Operations link from the Admin  section in the Main Page.

4. A page is displayed with links: HtmlAuthTable and HttpAuthTable (only if agent has a HTTP connector with authentication enabled.) Select the HtmlAuthTable link.

5. The user entries are displayed in table format. Select the check box for the user entries to be deleted and press Delete Row button.

If the user logged and deleted his logged user entry, then his session will be closed and the main page is no longer displayed. Also, if you try to log in with the deleted user name, a login failure message is displayed.  

All user entries should not be deleted at a time. If this is done you will not be able to log in to view the agent information through the Web browser.

Note:  All the entries must not be deleted from the HtmlAuthTable.txt file.  At least one entry must be retained in the table.