Configure the users for Document Builder on an Apache
Tomcat server by using these steps.
Before you begin
You must install Apache Tomcat,
Rational® Publishing Engine, and
Document Builder,
and then deploy it before you can configure the users and the Java™ options.
About this task
For more information about how user
names and passwords are stored, see Security considerations for IBM® Rational Publishing Engine.
The user roles should be defined for the rpeng application
only, and not the dgaas application.
Review the Document Builder roles:
Table 1. Document Builder user
roles| Role |
Capabilities |
| End user (rpe_user) |
- Can generate documents from Document Builder
- Can view output files and logs about their document generation jobs
- Can schedule document generation
|
| Report designer (rpe_report_designer) |
- Can upload templates and style sheets into Document Builder
- Can assemble reports
- Can define data source connections
- Can mark reports as available or unavailable to other users
- Can generate documents from the Document Builder
- Can view output files and logs about their document generation jobs
- Can schedule document generation
|
| Administrator (rpe_admin) |
- Can access the Administer menu option
- Can monitor system health, view all running jobs, and assign runtime and environment
variables
- Can generate documents from the Document Builder
- Can upload templates and style sheets into the Document Builder
- Can assemble reports
- Can define data source connections
- Can generate documents from Document Builder
- Can view output files and logs about their document generation jobs
- Can schedule document generation
|
Procedure
- Open the Apache Tomcat Manager
- Stop the deployed web application. In the Applications section, locate the
rpeng.war application row and click
Stop.
- Open the web.xml file located in <Tomcat_install_dir>\webapps\rpeng\WEB-INF.
- If the security constraints are not enabled in the web.xml
file, uncomment the following section:
<security-constraint>
<web-resource-collection>
<web-resource-name>All</web-resource-name>
<url-pattern>/api/*</url-pattern>
<url-pattern>/home/*</url-pattern>
<url-pattern>/license</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>rpe_user</role-name>
<role-name>rpe_report_designer</role-name>
<role-name>rpe_admin</role-name>
</auth-constraint>
</security-constraint>
- Create Apache Tomcat users and roles for Document Builder.
- Open the tomcat-users.xml file, which is located by default in
$CATALINA_HOME\conf\tomcat-users.xml.
- Add the following roles:
<role rolename="rpe_user" />
<role rolename="rpe_report_designer" />
<role rolename="rpe_admin" />
- Add at least one end user. Assign the end user the user roles. Example:
<user username="user" password="password" roles="rpe_user"/>
- Optional: Add report designer users. Assign the report designer the user, and report designer
roles. Example:
<user username="designer" password="password" roles="rpe_user,rpe_report_designer"/>
- Add at least one administrator and assign the administrator both the administrator, user, and
report designer roles. Example:
<user username="admin" password="password" roles="rpe_user,rpe_report_designer,rpe_admin"/>
- Start Document Builder. In the
Applications section of the Apache Tomcat Manager, locate the rpeng.war
application row and click Start.