User Management and Authentication
Out of the box, CA APM Command Center uses the users.xml file for authentication. Edit the file to add, delete, or modify users. For more advanced authentication, configure the user management connection for Command Center to share the users and user groups with CA Application Performance Management (APM). Configuring Command Center to share users enables you to assign user-specific permissions in Command Center. You cannot assign these permissions when using the users.xml file.
Out of the box, CA APM Command Center uses the
users.xmlfile for authentication. Edit the file to add, delete, or modify users. For more advanced authentication, configure the user management connection for Command Center to share the users and user groups with CA Application Performance Management (APM). Configuring Command Center to share users enables you to assign user-specific permissions in Command Center. You cannot assign these permissions when using the
The user management roles do not provide complete permissions to any one role. Set up users only if you intend to have more than one user in Command Center. If you are the only user in your company in Command Center, do not set up User Management in Command Center.
After installation, the easiest way to authenticate Command Center users is using the provided
users.xmlfile. Edit the file to modify, add, or delete users.
Follow these steps:
- Open theAPMCommandCenterServer/config/users.xmlfile.
- Add, delete, or modify users directly in the XML file.By default, a test user is defined:<apm-acc-users><!-- Default user --><user email="[email protected]" firstname="User" lastname="Demo" password="acc"/></apm-acc-users>The user email address is used as a user name.The attribute values cannot be null.
- Save the file.The passwords are removed from the
file, after they have been encrypted in the database. The passwords are stored using a non-reversible algorithm. The passwords cannot be decoded.users.xml
APM and Command Center Configuration for Users and User Groups
Configure Command Center to share the users and user groups with APM. Command Center shares the users with the Enterprise Manager instance that it connects with. Only a domain administrator in APM can configure this connection. After configuration, you can add other users that have permission to manage permissions. If you do not configure this connection, Command Center runs in legacy mode. In legacy mode, you do not have user permission control.
Generate a Security System Token in Team Center
Connect the Enterprise Manager to Command Center. Generate a security token in Team Center.
Follow these steps:
- Log in to the Team Center instance that you want to connect to Command Center.
- Click theSecurityIcon.
- ClickGenerate New Token.TheNew API Security Tokendialog opens:
- Enter a label for the security token.
- SelectSystemfor the token type.
- SelectNever Expiresor set an expiration date for the token according to your internal security guidelines.
- ClickGenerate Token.A token generates.
- Copy the token, and clickClose.
Configure the apmccsrv.properties File
Use the system token to update the
Follow these steps:
- Open theapmccsrv.propertiesfile.
- Go to theAuthentication Configurationsection.
- For theauthentication.aca.url=property, add the Team Center URL with the correct port.Use the webserver port that is configured in theintroscopeenterprisemanager.propertiesfile:introscope.enterprisemanager.webserver.portDefault Port:8081
- Enter the system token for theauthentication.aca.systemToken=property.
- Save the property file.
- Restart Command Center.A restart of Command Center encrypts the system token permanently.
- Verify that you configured the connection correctly. Log in as a domain administrator to Command Center and verify that the User Management tab appears.
You configured Command Center to share authentication with Team Center.