Configuring users for Document Builder on WebSphere Application Server Liberty

Configure the users for Document Builder on IBM® WebSphere® Application Server Liberty by using these steps.

Before you begin

You must install WebSphere Application Server Liberty, Rational® Publishing Engine, and tDocument Builder, and then deploy Document Builder before you can configure the users.

About this task

For more information about how user names and passwords are stored, see Security considerations for IBM Rational Publishing Engine.

The user roles should be defined for the rpeng application only, and not the dgaas application.

Review the Document Builder roles:

Table 1. Document Builder user roles
Role Capabilities
End user (rpe_user)
  • Can generate documents from Document Builder
  • Can view output files and logs about their document generation jobs
  • Can schedule document generation
Report designer (rpe_report_designer)
  • Can upload templates and style sheets into Document Builder
  • Can assemble reports
  • Can define data source connections
  • Can mark reports as available or unavailable to other users
  • Can generate documents from the Document Builder
  • Can view output files and logs about their document generation jobs
  • Can schedule document generation
Administrator (rpe_admin)
  • Can access the Administer menu option
  • Can monitor system health, view all running jobs, and assign runtime and environment variables
  • Can generate documents from the Document Builder
  • Can upload templates and style sheets into the Document Builder
  • Can assemble reports
  • Can define data source connections
  • Can generate documents from Document Builder
  • Can view output files and logs about their document generation jobs
  • Can schedule document generation

Procedure

  1. Use the following command to stop the deployed web application:server stop serverName
  2. Open the server.xml file for the Liberty profile in the <Liberty_installdir>/server_directory/user/servers/server_name directory to configure the users and roles.
  3. In the features section, enable the following Liberty features:
    <feature>appSecurity-2.0</feature>
    <feature>servlet-3.0</feature>
  4. In the basicRegistry section, add users to the registry, for example:
    <basicRegistry id="basic" realm="WebRealm">
         <user name="rpe_user" password="xyz" />
         <user name="rpe_report_designer" password="xyz" />
         <user name="rpe_admin" password="xyz" />
    </basicRegistry>
  5. Use application binding tags to assign users to roles, for example:
    <application type="ear" location="C:\IBM\WebSphere\Liberty\usr\servers\rpeng\apps\com.ibm.rpe.web.app.ear">
        <classloader apiTypeVisibility="spec, ibm-api, api" commonLibraryRef="rcl" />
        <application-bnd>
            <security-role name="rpe_user">
                   <user name="rpe_user" />
               </security-role>
                <security-role name="rpe_report_designer">
                   <user name="rpe_report_designer" />
               </security-role>
                <security-role name="rpe_admin">
                   <user name="rpe_admin" />
               </security-role>
            </application-bnd>
        </application>
  6. Use the following command to start the deployed web application:server start serverName

Feedback