Getting Access to the Registry

Any user of a JAXR client can perform queries on the Registry for objects that are not restricted by an access control policy. A user must, however, obtain permission from the Registry for the following actions:

• To add data to the Registry

• To update Registry data

• To perform queries for restricted objects

The Registry uses client-certificate authentication for user access.

To create a user that can submit data to the Registry, use the User Registration Wizard of the Web Console. The Web Console is part of the Registry software. For details on using the wizard to obtain a user name and password as well as a certificate that authorizes you to use the Registry, see Creating a User Account in Service Registry 3.1 User’s Guide. You can also use an existing certificate that you obtained from a certificate authority.

Before you can publish to the Registry, you must move the certificate from the .p12 file that you downloaded to a JKS keystore file. The keystore file must reside at the following location in your home directory: $HOME/soar/3.0/jaxr-ebxml/security/keystore.jks. The example programs include an Ant target that performs this task. For details, see To Create a Keystore for Your Certificate.

After you create a user account and a keystore, edit the build.properties file. See To Edit the Security Settings of the build.properties File for details.

To Create a Keystore for Your Certificate

To create a JKS keystore for your certificate, you use the Ant target move-keystore, which is defined in the file INSTALL/registry-samples/common/targets.xml. This targets file is used by all the build.xml files in the example directories.

The Admin Tool keystoreMover command performs the same function as this Ant target. See keystoreMover in Service Registry 3.1 Administration Guide for details.

The move-keystore target uses a property named keystoreFile that is defined in the file INSTALL/registry-samples/common/build.properties. Do not change the definition of this property. The move-keystore target also specifies a keystore password of ebxmlrr. This value is used in the storepass property of the file build.properties.

1. Go to any of the example directories except common.

   For example, you might use the following command:

   cd registry-samples/search-id

2. Run the following command (all on one line):

   Ant-base/ant move-keystore -Dp12path=path-of-p12-file -Dalias=your-user-name -Dpassword=your-password

   Use a command like the following:

   Ant-base/ant move-keystore -Dp12path=/home/myname/testuser.p12 -Dalias=testuser -Dpassword=testuser

   To see a syntax reminder for this target, use the command Ant-base/ant -projecthelp.

To Edit the Security Settings of the build.properties File

1. Open the file INSTALL/registry-samples/common/build.properties in a text editor.

2. Find the following lines:

   alias= keypass=

3. For the value of the alias property, specify the alias that you provided to the User Registration Wizard.

4. For the value of the keypass property, specify the password that you provided to the User Registration Wizard.

5. Save and close the file.