Hi Michael,
well, you have two options:
a) without stopping Marmotta, just execute the following command from
the same machine where it's running:
curl -X POST -H "Content-Type: application/json" -d '["false"]'
http://localhost:8080/marmotta/config/data/security.enabled
b) with Marmotta stopped, just add (or edit) the
system-config.properties file in the $MAMOTTA_HOME to have one line with:
security.enabled = false
Both are pretty straightforward.... what's the deal?
On 20/01/15 12:48, Bohms, H.M. (Michel) wrote:
Thx for confirmation (indeed issue for both simple and standard...).
Please advice simplest way to work around when having local access...
(I did not find the setting in the properties files for disabling the security)
Thx Michel
Dr. ir. H.M. (Michel) Bohms
Sr. Research Scientist
Structural Reliability
T +31 (0)88 866 31 07
M +31 (0)63 038 12 20
E michel.bo...@tno.nl
This message may contain information that is not intended for you. If you are
not the addressee or if this message was sent to you by mistake, you are
requested to inform the sender and delete the message. TNO accepts no liability
for the content of this e-mail, for the manner in which you use it and for
damage of any kind resulting from the risks inherent to the electronic
transmission of messages.
-----Original Message-----
From: Sergio Fernández [mailto:wik...@apache.org]
Sent: dinsdag 20 januari 2015 12:44
To: users@marmotta.apache.org
Cc: Taal, J. (Johan)
Subject: Re: issue on security
Hi Michael,
On 15/01/15 16:54, Bohms, H.M. (Michel) wrote:
We have two installations, one on windows and one on linux/Ubuntu.
We have same issue on both:
When we set the security to standard (via console/prfiles etc.) we cannot login
with admin/pass123.
(we thought that admin would be aut. part of manager role..)
How should we do this (to be able to remotely upload data)
(ie do we need to set manager password somewhere and use THAT? With
admin user?)
We definitely have an issue with the login mechanism, see MARMOTTA-534 for
further details, and has nothing to do with the platform where it is installed.
Please, provide details to the issue and then we can try to address it.
In the meantime, for temporally bypassing the issue, if your instance is
running on a protected environment (i.e., a machine running behind a firewall
in your intranet) you can disable security by executing the following request
from the same machine where Marmotta is running:
curl -X POST -H "Content-Type: application/json" -d '["false"]'
http://localhost:8080/marmotta/config/data/security.enabled
You are able to do that because Marmotta comes with the simple profile enabled
by default, which allows read access from everywhere and write access only from
localhost or other local interfaces. You can find some documentation about the
Security Profiles at:
http://marmotta.apache.org/platform/security-module.html
Please, take into account that having security disabled allows everybody to
perform write requests (POST/PUT/DELETE/PATCH) without authentication. You can
keep this configuration if it easier for you.
But I have to insist this setup is _not_ recommended for instances with open
access.
In practice you should always keep security enabled, switching to the
'standard' security profile for every installation that requires external
access beyond a local demo. But I guess the authentication issue would remain,
even with that profile enabled. Therefore, if your installation fits with the
restrictions described above, you can have whatever profile while you keep
security disabled. Otherwise we have to take a closer look to the issue and
related problems reported to MARMOTTA-534.
Hope that helps.
Cheers,
--
Sergio Fernández
Partner Technology Manager
Redlink GmbH
m: +43 660 2747 925
e: sergio.fernan...@redlink.co
w: http://redlink.co
--
Sergio Fernández
Partner Technology Manager
Redlink GmbH
m: +43 660 2747 925
e: sergio.fernan...@redlink.co
w: http://redlink.co
