For the authenticated mode a configured gPlazma
is
required (see also the section called “gPlazma
config example to work with authenticated webadmin”). The user may either authenticate by presenting his grid certificate or
by entering a valid username/password combination. This way it is possible to login even if the user does not have a grid-certificate.
The KAuth-File has to be on the same machine as the Webadmin
for
this to work with gPlazma1
, because it is the only available username/password login mechanism of gPlazma1
.
For a non-authenticated Webadmin
you just need to add the Webadmin
service to a domain and configure the port Webadmin
will listen on - webadminHttpPort
.
For authenticated mode the host certificate has to be imported into the dCache-keystore. In the grid world host certificates are usually signed by national Grid-CAs. Refer to the documentation provided by the Grid-CA to find out how to request a certificate. To import them into the dCache-keystore use this command:
[root] #
dcache import hostcert
Now you have to initialise your truststore (this is the certificate-store used for the SSL connections) by using this command:
[root] #
dcache import cacerts
Webadmin-interface uses the same truststore as WebDAV
, so maybe you can skip
this step.
You can enable the Webadmin
interface by adding the service (Webadmin
) to a domain.
Example:
[webadminDomain] [webadminDomain/webadmin] webadminDCacheInstanceName=coolName webadminAuthenticated=true webadminAdminGid=1000
The default value for the webadminHttpsPort
is 8444
and for the
webadminHttpPort
it is
8080
. Have a look at the following example to
see how to modify these values.
Example:
[webadminDomain] [webadminDomain/webadmin] webadminHttpsPort=8445 webadminHttpPort=8081 webadminDCacheInstanceName=coolName webadminAuthenticated=true webadminAdminGid=1000
The most important value is webadminAdminGid
, because it configures who is allowed to
alter dCache behaviour, which certainly should not be everyone:
# ---- GID a user has to have to be considered an Admin of webadmininterface # # When a user has this GID he can become an Admin for webadmininterface webadminAdminGid=1000
To see all webadmin specific property values have a look at
/usr/share/dcache/defaults/webadmin.properties
.
For information on gPlazma
configuration have a look at
Chapter 10, Authorization in dCache and for a special example
the section called “gPlazma
config example to work with authenticated webadmin”.
After startup of webadmin you can reach it via http://example.com:8080/webadmin
.