Configuring user authentication
i2 Analyze supports multiple authentication methods, including form-based, basic, and claims-based authentication.
Config development environment admin user
The config dev environment requires an administrator user name adt-admin to be available to the deployment. When using Form-Based or Basic Authentication this user is automatically provided. If you are using Claims-Based Authentication, or another external user registry, you must ensure this user is in the identity provider or external user registry.
The user must be a member of a group named Administrator. The password for the user is in the environment-secrets/generated-secrets/application/admin_PASSWORD file.
This page describes how to configure form-based and basic authentication. For information about configuring claims-based authentication, see Configuring claims-based authentication.
Configuring Form-Based or Basic Authentication
Form-based authentication is a common method used to authenticate users based on their input in a login form. This is the default authentication that is used.Basic authentication is a simple method where the client sends the username and password in the HTTP headers.
To specify the authentication method:
Specify the authentication method in the
<config-name>/configuration/server.extensions.xmlfile:Form-Based Authentication:
<webAppSecurity overrideHttpAuthMethod="FORM" allowAuthenticationFailOverToAuthMethod="FORM" loginFormURL="opal/login.html" loginErrorURL="opal/login.html?failed"/>Basic Authentication:
<webAppSecurity overrideHttpAuthMethod="BASIC" allowAuthenticationFailOverToAuthMethod="BASIC" loginFormURL="opal/login.html" loginErrorURL="opal/login.html?failed"/>For more information about configuring authentication in Liberty, see the Open Liberty documentation.
After you update the
server.extensions.xmlfile, redeploy your config by running the following command:deployIf you have multiple configs, specify the config name with
-c <config-name>.