Chapter 1 Getting Started with the Web Console

The Web Console is a web-based user interface that allows you to search the Registry and to publish content to the Registry and Repository. This chapter describes the preliminary steps to follow before you can perform these operations.

• Starting the Web Console

• Changing the Default Language

• Enabling Versioning of Registry Content

• Creating a User Account

Starting the Web Console

To start the Web Console, type the following URL into a browser:

http://hostname:port/soar/

Here is an example:

http://localhost:6480/soar/

If the Registry is installed on your system, the hostname is localhost. If the Registry is not installed on your system, use the name of the system where the Registry is installed. The port value is usually 6480 unless there is a port conflict.

The Web Console has the following main sections:

• Top banner, where you can do the following:

  • Go to the Welcome page of the Web Console

  • Access the Registry documentation or online help

  • Log in and log out

  • Reset the locale (see Changing the Default Language for Labels and Messages

  • End the current session

  • Set versioning for Registry content (see Enabling Versioning of Registry Content)

  • Set the content language (see Changing the Default Language for Registry Content)

• Menu area on the left side of the screen, which contains three tabs:

  • Tasks

  • Search

  • Explore

• Main area, which contains either the Welcome page or a page resulting from a task, search, or explore action

When you first access the Web Console, you see the Welcome page, and the Tasks tab is visible. Click the Home link in the banner area to return to this page and tab.

Click Documentation to view the Service Registry documentation at http://docs.sun.com/coll/1314.2 in a new browser window.

Click User Guide to view the online help for the Web Console in a new browser window.

You use the Login button to log in to the Web Console, but you do not perform this task until you have created a user account. After you log in, the Login button is grayed out, and the End Session button changes to a Logout button.

Click the End Session button to exit the Web Console when you are not logged in.

If you click either End Session or Logout, you go to a Session Ended page that allows you to return to the Registry and start a new session.

Changing the Default Language

You can change the default language for the display of two kinds of information:

• Web Console labels and messages

• Registry content

Changing the Default Language for Labels and Messages

The Web Console’s labels and messages can be displayed in the languages listed in Table 1–1.

Table 1–1 Languages Supported by the Web Console

Language	Code
Simplified Chinese (China)	zh_CN
Traditional Chinese (Taiwan)	zh_TW
English (United States)	en
French	fr
German	de
Japanese	ja
Korean	ko
Spanish	es

To Change the Language for Labels and Messages

1. Add the language to your browser language preferences by following the instructions for the browser.

   For most browsers, you can find the language settings in the General area of the Internet Options, Options, or Preferences dialog box.

2. Make the language your preferred language by placing it first in the list of languages.

3. Click the Reset Locale button.

   The labels appear in the appropriate language.

Changing the Default Language for Registry Content

You can publish content to the registry in any of the languages that appear in the Content Language drop-down list in the top banner area. The default is the language setting for your browser.

To change the language from the default, choose the language from the Content Language drop-down list.

Enabling Versioning of Registry Content

By default, versioning of registry objects is turned off. All objects have the version number 1.1. If you want an object to obtain a new version number when you modify it, select the Versioning ON checkbox. Selection of this checkbox has no effect unless an administrator has performed the task described in Enabling Versioning of Registry Objects in Service Registry 3.1 Administration Guide.

Creating a User Account

You can browse the public content of the Registry without logging in to the Registry. However, to gain read access to private objects and write access to public objects, you must have a user account with the Registry. After you create a user account, you can perform secure operations such as publishing, modifying, and removing objects.

Creating a user account involves the following general steps:

1. Fill out a new user's details form.

2. Associate a set of credentials with the user account. You can obtain these credentials in either of two ways:

   • The Registry can generate credentials for you. This is the simpler way to obtain credentials.

   • If you have a certificate issued by a third-party certificate authority, you can use this certificate to obtain credentials. Before you can use the certificate, an administrator must install the third-party root certificates into the Application Server domain for the Registry. See To Add Root Certificates to the Trusted Certificates in the Registry Domain in Service Registry 3.1 Administration Guide for details.

To create a user account, perform the following tasks:

• To Start the User Registration Wizard

• Either To Obtain a Registry-Generated Certificate or To Use a Third-Party Certificate

• Either To Load the Certificate into the Mozilla or Firefox Browser or To Load the Certificate into the Internet Explorer Browser

• To Log In to the Registry

• Authenticating to the Registry

To Start the User Registration Wizard

1. Click the Tasks tab in the left menu area, then click Create User Account.

2. Click the Start Registration Wizard button.

3. Read the instructions under Step 1: Requirements and click Next.

4. Fill out the New User's Details form.

   You must enter data in the following fields:

   • First Name

   • Last Name

   • City

   • State or Province

   • Country (limited to two characters; use country code)

5. Click Next.

   The User Authentication Details page appears.

6. On the User Authentication Details page, select one of the following radio buttons:

   • Select Generate Key Pair and Download PKCS12 KeyStore (the default) if you want the Registry to create a certificate for you. See To Obtain a Registry-Generated Certificate for details about this task.

   • Select Upload X.509 Certificate (DER) if you want to use an existing third-party certificate. See To Use a Third-Party Certificate for details about this task.

To Obtain a Registry-Generated Certificate

Follow these steps if you selected the Generate Key Pair and Download PKCS12 KeyStore radio button on the User Authentication Details page.

1. On the User Authentication Details page, type a user name in the Alias text field.

2. Type a password in the Password and Password (repeat) text fields.

   The password must be at least 6 characters in length.

3. Type values in the following text fields:

   • Organizational Unit

   • Organization

   The Name field contains the name that you specified as the Last Name in the New User's Details form. The City, State or Province, and Country fields also contain the values you specified in the New User's Details form. These fields are not editable. If you need to make corrections in these fields, click Previous and make the corrections in the New User's Details form.

   All fields are required.

4. Click Next.

   A page labeled Step 4: Load Key to Web browser appears, with the message “New user successfully registered.”

5. Click Download.

6. In the dialog box, choose the option that allows you to save the generated certificate to disk. In the file chooser dialog, choose a directory and name for the file.

   The file must have the suffix .p12.

   The default action is to save the certificate in your home directory, in a file that is named generated-key.p12.

7. Import the generated certificate into your browser.

   See To Load the Certificate into the Mozilla or Firefox Browser or To Load the Certificate into the Internet Explorer Browser for details.

To Use a Third-Party Certificate

Follow these steps if you selected the Upload X.509 Certificate (DER) radio button on the User Authentication Details page. These steps place the certificate in the server keystore for the Registry and load the certificate into the browser.

Before You Begin

The third-party certificate must be in X.509 format. Typically, the certificate is in a file with the suffix .cer.

1. On the User Authentication Details page, click the Choose Certificate File button.

2. In the File Upload dialog box, click the Browse button to locate the file to upload, then click Upload File.

3. Click OK.

   The name of the file appears on the User Authentication Details page next to the Choose Certificate File button.

4. Click Next.

5. On the Step 4: Load Key to Web browser page, follow the instructions to import the certificate into your browser if it is not already there.

   See To Load the Certificate into the Mozilla or Firefox Browser or To Load the Certificate into the Internet Explorer Browser for details.

To Load the Certificate into the Mozilla or Firefox Browser

1. Navigate to the certificate manager window. Depending on your version of Mozilla or Firefox, the path to this window could be any of the following:

   • Edit->Preferences->Privacy & Security->Certificates->Manage Certificates

   • Edit->Preferences->Advanced->Security->View Certificates

   • Tools->Options->Advanced->Certificates->Manage Certificates

   • Tools->Options->Advanced->Encryption->View Certificates

   The certificate manager window appears, open to the Your Certificates tab.

2. In Mozilla or more recent versions of Firefox, click the Manage Certificates button. In some earlier versions of Firefox, click View Certificates.

3. Click the Import button.

4. In the File Name to Restore file chooser dialog, select the .p12 certificate file, then click Open.

5. In the Prompt dialog, type an account password for the Master Password for the Software Security Device.

   This password is specific to your browser account and is assigned by the browser profile owner. A common convention is to use the same password as the login account on the client machine.

6. In the Password Entry dialog, type the certificate password.

   This password is used to protect the client certificate. If you are using a registry-generated certificate, type the password that you specified on the User Authentication Details page.

   An Alert dialog with the message: “Successfully restored your security certificate(s) and private key(s)” appears.

7. Click OK.

8. Close the Certificate Manager and Preferences/Options dialogs.

Next Steps

After you import the certificate, you are ready to log in to the registry. See To Log In to the Registry for details.

To Load the Certificate into the Internet Explorer Browser

1. Choose Internet Options from the Tools menu.

2. Click the Content tab.

3. Click Certificates.

4. Click Import to open the Certificate Import Wizard.

5. In the Certificate Import Wizard, click Next.

6. On the File to Import page, click Browse and locate the .p12 file, then click Next.

7. On the Password page, do the following:

   1. Type the password that you specified for the certificate.

   2. Select the Mark the Key as Exportable checkbox.

   3. Do not select the Enable Strong Private Key Protection checkbox.

   4. Click Next.

8. On the Certificate Store page, choose the default, Place All Certificates in the Following Store (Personal), then click Next.

9. Click Finish.

10. Click OK in the information dialog that appears.

    The new certificate, with the first and last name you specified, appears in the Certificates window.

11. Click Close in the Certificates window.

12. Click OK in the Internet Options window.

Next Steps

After you import the certificate, you are ready to log in to the registry. See To Log In to the Registry for details.

To Log In to the Registry

After you import a certificate to the browser, you are ready to log in.

1. On the Step 4: Load Key to Web browser page, click the Finish button.

2. In the top banner area of the Web Console, click the Login button.

3. Click OK in the dialog boxes to verify the certificate.

   After you log in, an “Authentication successful.” message appears in the top banner area. In addition, the first and last names you entered appear after the Current User label in the top banner area of the Web Console, in Lastname, Firstname format.

Authenticating to the Registry

After you log in to the Registry, authentication happens transparently whenever you try to add, delete, or modify a Registry object, because any write request triggers authentication based on the client certificate loaded into your browser.

After authentication is completed, access to the Registry is over https.

When your session expires, you are no longer authenticated by the Registry. A subsequent write request prompts the Web Console to re-authenticate you.

---

Note –

If authentication fails, stop and restart your browser and try again. If you accidentally choose the wrong certificate and have difficulty logging in, see Login Error from Mistake in Client Certificate Selection for information on what to do.

---