Accessing the Administration Client¶
The administration client (i.e. the admin client) is a Java applet providing a Swing user-interface for managing the FWD server process and its configuration. The FWD server has an embedded web server that provides access to this applet via an HTTPS connection.
For details on the prerequisites for the browser, Java plugin and SSL certificates, please see the chapter entitled Administration Client Setup chapter, Prerequisites section in Part 1 of this book.
URL¶
Access the administrative interface by pointing a browser to https://hostname:port/admin where hostname and port are the FWD server's hostname and the administrative port for that FWD server, respectively. To find the administrative port, find the following section in the FWD server's log file (most commonly named server.log in the same directory in which the server was started):
2010-04-07 10:09:06.340::INFO: Logging to STDERR via org.mortbay.log.StdErrLog 2010-04-07 10:09:06.691::INFO: jetty-6.1.14 2010-04-07 10:09:07.138::INFO: Started SslSocketConnector@0.0.0.0:3999
In this case the administrative port is 3999. If the FWD server is running on a system named amazing.acme.com, the URL would be https://amazing.acme.com:3999/admin.
Certificate Issues¶
The FWD server's certificate is used for authentication between FWD components (clients, batch processes, external applications and other servers). The same certificate is used by the embedded web server to provide HTTPS access to the administration client.
The certificate used must have been signed by a certificate authority (CA). Browsers have a list of known (and therefore trusted) certificate authorities. If that CA is not a known to the browser, when the browser connects via HTTPS to the FWD server, there will be some kind of alert or warning. An example from the Mozilla Firefox browser:
The browser's specific process for adding a security certificate exception will have to be followed before the secure web site can be loaded. In this case, the user would click on the “Or you can add an exception...” link and continue through the screens to add the exception to the list of allowed sites.
Logon¶
Once the browser has successfully accessed the URL and loaded the applet, the first screen should look something like this:
Logon to the administration interface using an appropriate userid and password which has sufficient rights necessary for the task. Administration users can have super-user rights but more commonly, the administrative rights will be assigned based on the tasks needed by that particular administrator. The administration user-interface and the FWD server both have a very granular security model that allows a flexible and powerful separation of roles and responsibilities.
If logon is successful, the screen should look like the following:
The menu items are now enabled and can be used to start work on administrative tasks.
Logoff¶
Use the menu item Log Off to end the administration session. The following confirmation will appear:
Use the No button to return to the administration client with no further exit processing. The Yes button confirms the logoff and continues.
The final step in the exit process is to check for pending changes. If any pending changes have been made without forcing the FWD server to refresh its security cache, this warning will appear:
Use the No button to exit without forcing the server to refresh its cache. The Yes button forces a cache refresh before exit. Either way, the logoff with continue. The result is to leave the user at the original logon screen. The user can logon again if needed.
© 2004-2017 Golden Code Development Corporation. ALL RIGHTS RESERVED.