Apps and development tools - IG User Management


Setup

Install the plugin

First step to setup an OpenWGA user management authentication is to install the plugin. In OpenWGA Admin Client open the plugin store (Menu "Plugins > Plugin Store"), find the plugin of title "IG User Management" and install it:

ig-usermanagement-store.png

Confirm the license on the following screen and hit button "Install this plugin" again.

Create the application

After installation you continue by setting up a new application with this plugin as design provider. Change to menu "Web Applications" and hit button "Create new application" there. Setup the application:

  • Choose database key and title
  • In section "Contentstore configuration" create a new content store database on any database server
  • In section "Design configuration" choose design source "Plugins", then plugin "IG User Management"

ig-usermanagement-use.png

  • Change to tab "Fulltext configuration" and enable the lucene index. The app uses this index for some name collision tests.
  • Save the application configuration
  • Optional: Change to tab "ACL" and choose if anonymous users should be able to access the users app. You may want to disable this by setting "Access level for anonymous" to "No access" or disabling direct access for him. While it is impossible for spying out passwords this way you may not want an anonymous user to see all available user names.

Now we already have a ready application for defining users and groups. However OpenWGA does not use it for authentication yet. Configuring this is the next step.

Setup authentication

Authentication is configured on an indivual OpenWGA domain. The domain is a collector for apps that share the same authentication source. Every app belongs to a single domain.

The authentication will be effective for all apps that belong to the domain you configure it on. This may include the user management app itself but must not necessarily be the case. The user management app may also belong to a different domain than the one that uses it for authentication. This would mean that the users defined in the users app cannot be used to login to the users app, but instead a different authentication may be in effect there.

In OpenWGA admin client, Menu "Domains" choose the domain for which you want to setup authentication. If you haven't created any new domains there should be a single domain of name "default", to which all apps belong:

  • Enable "This domain uses authentication"
  • As authentication source choose "Content Store"
  • As Authentication content store choose the app just created

screenshot at 2013-06-18 17:47:13.png

Now authentication is effective for this domain.

Gain access

Open the UI of the user management app, either by manually calling its base URL (the root URL of your server plus the database key of the app as path) or by going to its web application configuration  in OpenWGA admin client  again and using action "Open In > New browser window" on the top right of that page. When you have disabled anonymous access on the app then you should be presented the login page now. Otherwise you should see the UI, which offers a login button to the top left.

The OpenWGA User Management 2 design predefines a user of name "admin", password "wga" which can be used to gain access. Provided your users app is in the domain for which it is the authentication source then you should be able to login with this information. Otherwise you must choose a valid login for whatever is used as authentication on the domain of the users app.

However, this is what the user management UI looks like once you have managed to log in:

screenshot at 2013-06-19 09:16:35.png

Click the "Users" menu on the left and you are presented a user documents list, containing only the single available user "admin" for now:

screenshot at 2013-06-19 09:19:17.png