User Login
Configuration - User Login
N2C5 does not perform its own user management. It uses the user list held in the Oracle OCNCC SMF database.
Each N2C5 instance is connected to a single SMF database. This database connection is defined in the “/etc/jarvis/n2c5-{suffix}.xml” file as described in the Core Jarvis chapter.
The “login” block defines the relevant configuration for N2C5.
<login module="LoginSMF">
<parameter name="require_https" value="no"/>
<parameter name="have_screens_user" value="yes"/>
<parameter name="login_groups" value="TEMPLATE NAME HERE"/>
<parameter name="admin_read_groups" value="TEMPLATE NAME HERE"/>
<parameter name="admin_write_groups" value="TEMPLATE NAME HERE"/>
</login>
The parameters for the “login” element are:
- module = “LoginSMF” : Specifies the login module which applies to this installation. For N2C5 this should be “LoginSMF”.
- have_screens_user = “yes” : Indicates if this OCNCC installation has the SCREENS_USER column on the SMF_USER table. Default = “yes”.
- login_groups = “<template1>,<template2>,…” : Defines which SMF templates a user must possess before N2C5 access is granted. Default = “*” indicating all valid SMF users may login to N2C5, regardless of template.
- admin_read_groups = “<template1>,<template2>,…” : Defines which SMF templates a user must possess before N2C5 admin read access is granted. Default = “” indicating that no one can login with admin read access.
- admin_write_groups = “<template1>,<template2>,…” : Defines which SMF templates a user must possess before N2C5 admin write access is granted. Default = “” indicating that no one can login with admin write access.
If a user group belongs to admin_write_groups then they automatically have admin read group access.
Pages that require admin group access are:
- Product
- Config
SMF Users
All N2C5 users must first be created as SMF users in the indicated database. The following conditions must also be met:
- The “Screen User” flag must be set (if present in your OCNCC version).
- The user must not be LOCKED in the SMF system.
SMF Templates
By default ALL SMF users will have limited access to N2C5. Access to administrator screens such as Products and ACS will only be allowed to members of the admin_read_groups or admin_write_groups (see above).
If you wish to further restrict which particular SMF users may access N2C5 then continue with the following steps.
- Choose an “SMF Template” within OCNCC to be the template which allows N2C5 access.
- Grant the chosen template to all relevant SMF users.
- Configure N2C5 as to which template name it is to use (as above).
The chosen SMF template may be an existing OCNCC template, or you may create a new SMF template dedicated to this purpose.
Please refer to your OCNCC SMS documentation for instructions on management of SMF users and templates.
No restart is required in any case.
Note: that existing logged-in sessions will not be affected until they expire.