test

Service Registry 3.1 Administration Guide

Creating an Administrator

The Service Registry administration tool enables some tasks that only a user who is registered as an administrator can perform. In addition, an administrator might be called upon to implement life cycle changes (for example, approvals) to objects other users submit.

An administrator can also change the default access control policy (ACP). However, writing an ACP is currently a manual process that requires knowledge of OASIS eXtensible Access Control Markup Language (XACML). For details, refer to Chapter 9, “Access Control Information Model,” of ebXML RIM 3.0, especially the examples in Sections 9.7.6 through 9.7.8. See Before You Read This Book for information on how to find the ebXML RIM 3.0 specification.

ProcedureTo Create an Administrator

To register yourself as an administrator, follow these steps:

  1. Either perform user registration as described in Creating a User Account in Service Registry 3.1 User’s Guide, or add yourself as a user by using the add user of the Admin Tool, described in add user.

  2. If you used the Web Console to register, obtain the unique identifier of your User object as follows:

    1. Use the Web Console to perform a Basic Query, with the Object Type set to User.

    2. Click the Details link to view the User object the Registry created for you.

    3. Write down the Unique Identifier field value, or copy and paste it into a file.

    If you used the add user command, use the users command to get a list of users, then copy the identifier value for your user name.

  3. Change to the directory RegistryDomain-base/domains/registry/applications/j2ee-modules/soar/WEB-INF/classes.

  4. Open the file omar.properties in a text editor.

  5. Find the definition of the property omar.security.authorization.registryAdministrators.

  6. Edit the property definition by adding a vertical bar (|), followed by the unique identifier string that you copied in Step 2.

    The property definition must all be on one line and must not contain spaces. After you finish, it will look something like this (all on one line):

    omar.security.authorization.registryAdministrators=
urn:freebxml:registry:predefinedusers:registryoperator|
urn:uuid:77f5c196-79de-4286-8483-8d80def3583b

  7. Save and close the omar.properties file.

  8. Follow the instructions in To Stop and Restart the Application Server Domain for the Registry.

Next Steps

To create additional administrators, you do not have to edit the omar.properties file. You can use either the Admin Tool or the Web Console to add users, and you can use the Web Console to classify the users as administrators.