website logo
⌘K
πŸ“Introduction
πŸ“Essential Overview
Getting Started (What is Essential?)
The Essential Information Eco System
πŸ“How to be Successful with Essential
Identify Stakeholders and Concerns
Prioritise Delivery
Identify/Define the Views that will support Delivery
Identify any Meta Model extensions required and the impacts
Identify the data required, data sources, and population method
Plan Training/Consultancy
Extend Launchpad and build integrations and views as required
Complete Portal and Repository set-up
Capture data
πŸ“„Embed EA data management process to ensure data is maintained
Measure Value
πŸ“How To Use Essential
Using Essential Overview
πŸ“„Logging In and The Homepage
πŸ“„Capturing and Maintaining Data
πŸ“„Everyone's Essential Editors
πŸ”Hints & Tips
πŸ“„Bulk Data Imports
πŸ“„Essential Import Utility - To Bulk Load Data
πŸ“„Essential Viewer
πŸ“„Set Up Support Tools
πŸ“„Extending the Essential Meta Model
πŸ“„System Administration
πŸ“„Repository Administration
πŸ“„Managing User Security
πŸ“„Essential Product Releases and Updates
πŸ“EA Tutorials
πŸŽ“Business Architecture
πŸŽ“Application Architecture
πŸŽ“Technology Architecture
πŸŽ“Information Architecture
πŸ“„EA Support/Utilities
🌐Essential Meta Model Diagrams
Essential Meta Model (Overview)
Business Layer
Application Layer
Information/Data Layer
Technology Layer
EA Support
Meta Model Constructs
Essential Modelling Patterns/Definitions
πŸ“How to Populate Essential Views
Roadmap Enablement and Scoping Frameworks
Enterprise Views
Business Views
Information Views
Application Views
Technology Views
πŸ“Open Source
Open Source Overview
πŸ› οΈOpen Source Multi-User
βš’οΈOpen Source Installation
Accessing Essential OS
Essential OS Buttons
❓FAQs
Modelling in Essential
Data Capture, Maintenance and Releases
Viewer
User Management and Security
Launchpad and Import Utility
Open Source Configuration
Docs powered by
Archbee
How To Use Essential
Managing User Security

Securing the Open Source Portal

7min

This page is relevant for Open Source users only. Essential OS security is limited in that you can either allow people access or not. Unlike Essential Cloud, you cannot control access to specific views or data by user/role.

This tutorial describes how you can apply access control to Essential Viewer, securing it for use by authorised users only.

If you wish to control access to the analysis reports of Essential Viewer, set up the required user accounts as follows:

Define Essential Viewer Users

Edit the /conf/tomcat-users.xml file to create user accounts that have the report_viewer role. e.g.

XML
|
   <user roles="report\_viewer" password="viewer" username="architect"></user>
   </role>
ο»Ώ

Enable Security Constraints

To enable the user authentication, you must enable the security constraints in each Essential Viewer application.

This is done by editing the web.xml file that controls Essential Viewer. This is located in the WEB-INF sub-folder of each Essential Viewer deployment in your Java Application Server. e.g. on Apache Tomcat, this is in webapps/

Go to the WEB-INF folder of your selected Essential Viewer deployment.

  • Open the file 'web.xml' for editing - you can do this in Notepad or any other text editor.
  • Scroll to the bottom of the file and you will see the following section of XML:
XML
|
```<!--


Entire Application
/*


-->

```
ο»Ώ
  • Remove the opening commentΒ [ <!-- ]Β from the line before theΒ <security-constraint>Β tag
  • Remove the closing commentΒ [ --> ]Β from the line afterΒ </auth-constraint>Β tag a couple of lines down.
  • Repeat this to remove all the opening and closing comments that appear in the first column of the file until the security section looks like:
XML
|
```

Entire Application
/*


report_viewer


BASIC
Tomcat Manager Application



The role that is required to log in to the Essential Viewer Application

report_viewer
```
ο»Ώ

This switches on authentication control for all URLs in the application. This includes the publishing service as well as the Viewer itself but each uses the same access control list / security configuration.

By default, this will enable Tomcat BASIC AUTHENTICATION and any user with the role "report_viewer" [as defined in theΒ tag] can access the site. As we discussed, the user list is maintained in the tomcat-users.xml document, although Tomcat can be integrated with LDAP services.

Restart Java Application Server

After making these changes, restart the Tomcat service.

These user names and passwords will now also be required when publishing your architecture from the Essential Architecture Reporting tab in Protege.

Updated 03 Mar 2023
Did this page help you?
PREVIOUS
Setting up User Security
NEXT
Essential Product Releases and Updates
Docs powered by
Archbee
TABLE OF CONTENTS
Define Essential Viewer Users
Enable Security Constraints
Restart Java Application Server
Docs powered by
Archbee