release notes | Book: 2.10, 2.11, 2.12, 2.13, 2.14 | Wiki | Q&A black_bg
Web: Multi-page, Single page | PDF: A4-size, Letter-size | eBook: epub black_bg

Installation

For the authenticated mode a configured gPlazma is required (see also the section called “gPlazma config example to work with authenticated webadmin”). The user may either authenticate by presenting his grid certificate or by entering a valid username/password combination. This way it is possible to login even if the user does not have a grid certificate. For a non-authenticated webadmin service you just need to start the httpd service.

For the authenticated mode using a grid certificate the host certificate has to be imported into the dCache-keystore. In the grid world host certificates are usually signed by national Grid-CAs. Refer to the documentation provided by the Grid-CA to find out how to request a certificate. To import them into the dCache-keystore use this command:

[root] # dcache import hostcert

Now you have to initialise your truststore (this is the certificate-store used for the SSL connections) by using this command:

[root] # dcache import cacerts

The webadmin service uses the same truststore as webdav service, so you can skip this step if you have webdav configured with SSL.

The default instance name is the name of the host which runs the httpdDomain and the default http port number is 2288 (this is the default port number of the httpd service). Now you should be able to have a read-only access to the webpage http://example.com:2288/webadmin.

In the following example we will enable the authenticated mode.

Example:

[httpdDomain]
      authenticated=true

The most important value is httpd.authz.admin-gid, because it configures who is allowed to alter dCache behaviour, which certainly should not be everyone:

# # When a user has this GID he can become an admin for the webadmin interface #
httpd.authz.admin-gid=0

To see all webadmin specific property values have a look at /usr/share/dcache/defaults/httpd.properties.

For information on gPlazma configuration have a look at Chapter 10, Authorization in dCache and for a special example the section called “gPlazma config example to work with authenticated webadmin”.