release notes | Book: 1.9.5, 1.9.12 (opt, FHS), 2.2 (FHS), 2.6 (FHS), | Wiki | Q&A black_bg
Web: Multi-page, Single page | PDF: A4-size, Letter-size | eBook: epub black_bg
Installation
Prev Chapter 16. dCache Webadmin-Interface Next
The dCache Book > Configuration of dCache > dCache Webadmin-Interface > Installation

Installation

For the authenticated mode a configured gPlazma is required (see also the section called “gPlazma config example to work with authenticated webadmin”). The user may either authenticate by presenting his grid certificate or by entering a valid username/password combination. This way it is possible to login even if the user does not have a grid-certificate. The KAuth-File has to be on the same machine as the Webadmin for this to work with gPlazma1, because it is the only available username/password login mechanism of gPlazma1. For a non-authenticated Webadmin you just need to add the Webadmin service to a domain and configure the port Webadmin will listen on - webadminHttpPort.

For authenticated mode the host certificate has to be imported into the dCache-keystore. In the grid world host certificates are usually signed by national Grid-CAs. Refer to the documentation provided by the Grid-CA to find out how to request a certificate. To import them into the dCache-keystore use this command: 

[root] # dcache import hostcert

Now you have to initialise your truststore (this is the certificate-store used for the SSL connections) by using this command: 

[root] # dcache import cacerts

Webadmin-interface uses the same truststore as WebDAV, so maybe you can skip this step.

You can enable the Webadmin interface by adding the service (Webadmin) to a domain.

Example:

[webadminDomain]
[webadminDomain/webadmin]
webadminDCacheInstanceName=coolName
webadminAuthenticated=true
webadminAdminGid=1000

The default value for the webadminHttpsPort is 8444 and for the webadminHttpPort it is 8080. Have a look at the following example to see how to modify these values.

Example:

[webadminDomain]
[webadminDomain/webadmin]
webadminHttpsPort=8445
webadminHttpPort=8081
webadminDCacheInstanceName=coolName
webadminAuthenticated=true
webadminAdminGid=1000

The most important value is webadminAdminGid, because it configures who is allowed to alter dCache behaviour, which certainly should not be everyone: 

#  ---- GID a user has to have to be considered an Admin of webadmininterface
#
#   When a user has this GID he can become an Admin for webadmininterface
webadminAdminGid=1000

To see all webadmin specific property values have a look at /usr/share/dcache/defaults/webadmin.properties. For information on gPlazma configuration have a look at Chapter 10, Authorization in dCache and for a special example the section called “gPlazma config example to work with authenticated webadmin”. After startup of webadmin you can reach it via http://example.com:8080/webadmin.

Prev Up Next
Chapter 16. dCache Webadmin-Interface Home Chapter 17.  ACLs in dCache