Configuring user authentication for MobileFirst Server administration
You configure user authentication and choose an authentication method. The configuration procedure depends on the web application server that you use.
The MobileFirst Server administration requires user authentication.
You configure user authentication after the installer deploys the MobileFirst Server administration web applications in the web application server.
worklightadmin
worklightdeployer
worklightoperator
worklightmonitor
You must map the roles to the corresponding sets of users. The worklightmonitor role can view data but cannot change any data. The purpose of the roles is illustrated by the following table.
| Administrator | Deployer | Operator | Monitor | |
|---|---|---|---|---|
| Java EE security role. | worklightadmin | worklightdeployer | worklightoperator | worklightmonitor |
| Deployment | ||||
| Deploy an application. | Yes | Yes | No | No |
| Deploy an adapter. | Yes | Yes | No | No |
| MobileFirst Server Management | ||||
| Configure runtime settings. | Yes | Yes | No | No |
| Application Management | ||||
| Upload new MobileFirst application. | Yes | Yes | No | No |
| Remove MobileFirst application. | Yes | Yes | No | No |
| Upload new MobileFirst adapter. | Yes | Yes | No | No |
| Remove MobileFirst adapter. | Yes | Yes | No | No |
| Turn on or off application authenticity testing for an application. | Yes | Yes | No | No |
| Change properties on MobileFirst application status: Active, Active Notifying, and Disabled. | Yes | Yes | Yes | No |
| Lock an application so the new artifacts cannot be used for a version. | Yes | Yes | Yes | No |
| Notifications | ||||
| Unsubscribe a device from SMS notification. | Yes | Yes | Yes | Yes |
| Configure Push. | Yes | Yes | Yes | Yes |
| Logging | ||||
| Enable and disable device logging remotely. | Yes | Yes | Yes | No |
| Configure log levels. | Yes | Yes | Yes | No |
| Disable the specific device, marking the state as lost or stolen so that access from any of the applications on that device is blocked. | Yes | Yes | Yes | No |
| Disable a specific application, marking the state as disabled so that access from the specific application on that device is blocked. | Yes | Yes | No | No |
If you choose to use an authentication method through a user repository such as LDAP, you can configure the MobileFirst Server administration so that you can use users and groups with the user repository to define the Access Control List (ACL) of the MobileFirst Server administration. This procedure is conditioned by the type and version of the web application server that you use.