Hi,

I have some questions about the Index page:

  • Is there a way to replace it with an own page?
  • What's best practice to not show th e index page to the users but still
    have access to the admin panel?

Thanks for answers in advance

Regards, Dani

asked 15.09.2016 at 16:08

dharlach's gravatar image

dharlach
(suspended)
accept rate: 0%

edited 03.10.2016 at 14:10

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k31958


You can block the access to all /info pages except the admin_panel.jsp with a security constraint in the /webapps/ivy/WEB-INF/web.xml

<web-app ......
    ....

    <security-constraint>
        <display-name>Restrict access to info page</display-name>
        <web-resource-collection>
            <web-resource-name>Restricted folders</web-resource-name>
            <url-pattern>/info/[^admin_panel]*</url-pattern>
        </web-resource-collection>
        <auth-constraint />
    </security-constraint>
</web-app>

If the user tries to access the 'info/index.jsp' page a 404 error page will be displayed. The admin_panel.jsp still works but you have to know the URL :-)


You could also require basic authentication for users that are accessing any /info/ page: SEe http://wiki.metawerx.net/wiki/SecuringYourSiteWithContainerManagedSecurity

webapps/ivy/WEB-INF/web.xml

<web-app>
 ....
  <security-constraint>
        <display-name>Restrict access to info page</display-name>
        <web-resource-collection>
            <web-resource-name>Restricted folders</web-resource-name>
            <url-pattern>/info/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>sysadmin</role-name>
        </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
  </login-config>
  <security-role>
    <role-name>sysadmin</role-name>
  </security-role> 
<web-app

webapps/ivy/META-INF/context.xml

<Context>
 ....
<Realm className="org.apache.catalina.realm.MemoryRealm"
           pathname="[AbsolutePathToYourEngine]/webapps/ivy/WEB-INF/tomcat-users.xml"/>
</Context>

webapps/ivy/WEB-INF/tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="sysadmin"/>
  <user username="admin" password="nimda" roles="sysadmin"/>
</tomcat-users>
link

answered 03.10.2016 at 14:04

Reguel%20Wermelinger's gravatar image

Reguel Werme... ♦♦
9.4k31958
accept rate: 70%

edited 08.11.2016 at 16:13

Hi Dani

The default pages (Application Home, Task List, Process Start List, Login and End) could be configured per application on the engine. See Engine Guide -> Administration -> Default Executed Processes. Even our shipped worklfow-uis and the integrated portal make use of it.

link

answered 19.09.2016 at 11:12

Flavio%20Sadeghi's gravatar image

Flavio Sadeghi ♦♦
(suspended)
accept rate: 75%

Hi Flavio

Thanks for your response.

This are the configurations per application right? Can you also replace the /ivy/info/index.jsp page with those settings?

Regards, Dani

(19.09.2016 at 15:45) dharlach dharlach's gravatar image

No these settings do not influence the default info pages. However you can customize the info JSPs for your own needs by editing the sources in /webapps/ivy/info

(03.10.2016 at 14:09) Reguel Werme... ♦♦ Reguel%20Wermelinger's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×27
×7

Asked: 15.09.2016 at 16:08

Seen: 2,531 times

Last updated: 08.11.2016 at 16:13