Access control for EasyAdmin using Apache HTTP Server
The use of OpenLM for the management of FLEXnet license servers provides a unique set of tools for managers and system administrators. Features range from a simple inventory management, to usage patterns and billing reports. OpenLM EasyAdmin supplies a wide range of license statistics, FLEXnet reports and management tools. The ability to control access to EasyAdmin is very important when the tool is distributed among many users.
OpenLM includes a built in web server in order to make sure that new users are able to install the software and use EasyAdmin flawlessly. Following the initial evaluation period of the software, we strongly recommend to move EasyAdmin to your preferred web server: IIS, Apache etc. Check the following article that explains how to setup OpenLM on Apache HTTP server.
Apache server supports different methods that allow you to restrict access to EasyAdmin:- By user - Authentication and Access control.
- By Host - IP address and domain name restrictions.
More detailed information is available at Apache foundation site: http://httpd.apache.org/docs/1.3/howto/auth.html#access
Authentication methods supported by Apache
Basic Authentication - The most basic authentication method available,suffers from many cavities including slow authentication and security problems. Despite these problems this method is probably sufficient for protecting OpenLM EasyAdmin in an internal company network.Digest Authentication - Same as basic authentication but it encrypts passwords and by doing that solves one of the main cavities of the Basic Authentication methods.
Database Authentication methods - One of the major problems of both the Basic and Digest Authentication methods is that the user and passwords are stored in a plain text file. Database authentication methods allows system managers to store passwords in database.
In this article we will demonstrate the Basic Authentication method.
Step A: Create the password file
Password file creation is done by using the Apache command htpasswd.exe
Step B: Set the configuration to use this password file
Open your Apache server configuration file: httpd.conf. Locate the virtual directory defined for EasyAdmin or add one. And add authentication to this virtual directory.
# EasyAdmin Virtual Directory
Alias /EasyAdmin "C:\Program Files\Apache Software Foundation\Apache2.2\htdocs"
<Directory "C:\Program Files\Apache Software Foundation\Apache2.2\htdocs">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
# Limit access to EasyAdmin
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/passwords/passwords"
Require user oren
</Directory>
This example is basic, more complex and secure methods are available by the use of Apache HTTP server.
Summary
The implementation of access control for EasyAdmin is very simple if you serve EasyAdmin with an Apache HTTP server. There are two categories of tools, based on host or on user. The methods that are based on user authentication are more flexible and offer different levels of security, depending on the organization's needs.The use of OpenLM for the management of FLEXnet license servers provides a unique set of tools for managers and system administrators. Features range from a simple inventory management, to usage patterns and billing reports. OpenLM EasyAdmin supplies a wide range of license statistics, FLEXnet reports and management tools. The ability to control access to EasyAdmin is very important when the application is distributed among many users.
No comments:
Post a Comment