The following configuration items set up authentication and permissioning information for Liberator's openauth
Openauth is the simplest Auth Module possible; it allows any username to log on to Liberator with any password. It can also specify through configuration what level of access all users have to any object in the system.
For background information, see the Liberator Features and Concepts page about User authentication and permissioning.
The configuration for openauth is kept in a separate Liberator configuration file called openauth.conf. If you're not using the Caplin Deployment Framework, you should put the openauth configuration items you require into this file. When no configuration is set, the default permissions for all users are: read access to all objects, no write access to any objects, and no permission to create any objects.
If you deploy Liberator using the Deployment Framework, the OpenPermissioning Config blade is automatically activated. This blade sets the Liberator's auth module to openauth and configures openauth to give every user read, write and create permission for all objects. The configuration's defined in the file openauth.conf in <Framework-root>/global-config/overrides/servers/Liberator/etc/
(Note that <Framework-root> represents the file path of the Deployment Framework's topmost directory for the Platform installation).
read-access specifes every Liberator user's read access to objects.
Syntax: read-access <access-flag>
Default value: 1 (Every user can read all objects.)
- 0 No user can read any objects.
- 1 Every user can read all objects.
write-access specifies every Liberator user's permission to write to, or create, any object.
Syntax: write-access <access-flag>
Default value: 0 (No user can write to, or create, any object.)
- 0 No user can write to, or create, any object.
- 1 Every user can write to, or create, any object.