Windup Documentation

View on GitHub

Configuring authentication for the {WebName} on Linux, Windows, or macOS

You can configure the {WebName} to require authentication for access. To enable authentication, you have to install Red Hat Single Sign-On (SSO).

Enabling authentication

Procedure

  1. Adjust the port number that the Red Hat SSO server opens to avoid conflicts with the port that the {WebName} uses by entering the following:

    • For Linux and macOS:

      $ ./standalone.sh -Djboss.socket.binding.port-offset=<offset_value>

    • For Windows:

      > ...\bin\standalone.bat -Djboss.socket.binding.port-offset=<offset_value>

  2. Open the Red Hat SSO administration console from http://localhost:8180:

    • Username: admin

    • Password: admin

  3. Add a realm named {LC_PSN}.

  4. In the realm, create a client named {LC_PSN}-web.

  5. Check that Access Type is set to public.

  6. Set Valid Redirect URIs to http://localhost:8080/windup-ui/*.

  7. Set Web Origins to * and click Save.

  8. Create a role named user.

  9. Create a user with any name.

  10. Set the credentials of the user, disable Temporary, and assign the role "user" to the user.

  11. Switch the {WebName} to Authentication required mode by doing the following:

    1. Export the following ENV variables:

      • For Linux and macOS:

        export SSO_AUTH_SERVER_URL=http://localhost:8180/auth
export SSO_REALM=windup
export SSO_SSL_REQUIRED=EXTERNAL
export SSO_CLIENT_ID=windup-web

      • For Windows:

        set SSO_AUTH_SERVER_URL=http://localhost:8180/auth
set SSO_REALM=windup
set SSO_SSL_REQUIRED=EXTERNAL
set SSO_CLIENT_ID=windup-web
        Note

        Environment variables that are set by the set command in CMD are local, available to the current CMD session only. Use the Windows Control Panel to permanently set the environment variables.

    2. Run the following script:

      • For Linux and macOS:

        $ <MTR_HOME>/switch_to_authentication_required.sh

      • For Windows:

        C:\<MTR_HOME>\switch_to_authentication_required.bat

  12. Start the {WebName} by entering the following:

    • For Linux and macOS:

      $ <MTR_HOME>/run_windup.sh

    • For Windows:

      C:\<MTR_HOME>\run_windup.bat

  13. Open the browser at http://localhost:8080/windup-ui.

Disabling authentication

Procedure

  1. Run the following script:

    • For Linux and macOS:

      $ <MTR_HOME>/switch_to_automatic_authentication.sh

    • For Windows:

      C:\<MTR_HOME>\switch_to_automatic_authentication.bat