Versions Compared

Old Version 25

changes.mady.by.user Joost Koehoorn

Saved on

compared with

New Version 26

changes.mady.by.user Munish Mahabiersing

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

During the installation of Blueriq Studio you have chosen a security mode. This paragraph will explain how to configure each security mode.

Blueriq supports three types of security modes:

  • NTLM authentication and authorization:

The authorization and authentication is done against active directory. Active directory groups can be mapped to a Blueriq Studio role.

  • NTLM authentication and custom authorization:

The authorization and authentication is done against active directory. Each active directory user can be mapped to a Blueriq Studio role.

  • Custom Authentication:

The authorization and authentication is managed in Blueriq Studio. Users can be created in Blueriq Studio and mapped to a Blueriq Studio role.

UI Expand
titleNTLM authentication and authorization

NTLM authentication and authorization

For this security mode you have to map an active directory group to a blueriq role. To do this, go to the directory [Blueriq Installation directory]\Configuration\Security\RoleMappings\. In this directory you will find a file named RoleMappings.xml.

Code Block
languagehtml/xml
<?xml version="1.0"?>
  <RoleMappings>
--> <RoleMapping>
      <Group>LDAP1</Group>
      <Group>LDAP2</group>
      <UserRole>Administrator</UserRole>
    </RoleMapping> <--
 </RoleMappings>

The text between the arrows shows a role mapping. The LDAP groups LDAP1 and LDAP2 are mapped to the Administrator role in Blueriq Studio. You can change the LDAP groups to your specific groups that must have full access to Blueriq Studio.

After the installation of Blueriq Studio only the user role Administrator exists. In Blueriq Studio you can create new roles with other permissions.

To map an active directory group to a user role, copy the text between the arrows from above and paste this after the </RoleMapping>-tag. Change the group name to the active directory group that you want to map to a user role. Change the User Role name to the user role you want to map to the active directory group. You can add more groups to the same user role.

For example: In Blueriq Studio you have created a new role with the name Test1. You want to map the active directory group Blueriq2 to this role. You must have the following text in the RoleMappings.xml file:

Code Block
languagehtml/xml
<?xml version="1.0"?>
  <RoleMappings>
    <RoleMapping>
      <Group>Blueriq</Group>
      <UserRole>Administrator</UserRole>
    </RoleMapping>
    <RoleMapping>
      <Group>Blueriq2</Group>
      <UserRole>Test1</UserRole>
    </RoleMapping>
  </RoleMappings>
UI Expand
titleNTLM Authentication and custom Authorization

NTLM Authentication and custom Authorization

For this security mode you have to map active directory users to Blueriq roles. To do this, go to the directory [Blueriq Installation directory]\Studio\Configuration\Security\UserAccess\. In this directory you will find a file named UserAccess.xml.

Code Block
languagehtml/xml
<?xml version="1.0"?>
  <Users>
--> <User Name="Admin">
    <Role>Administrator</Role>
  </User> <--
</Users>

The file contains a user Admin. This user is not an active directory user. In this security mode you can only use active directory users. You have to change the name in an active directory username with the syntax <domainname>\<username>.

For example: The domain name is Blueriq and the username of the user that needs full access to Blueriq Studio is Test, you have to change Admin into Blueriq\Test. You can insert more users with the same role.

This example results in the follow text:

Code Block
languagehtml/xml
<?xml version="1.0"?> <Users> <User Name="Blueriq\Test"> <Role>Administrator</Role> </User> </Users>
UI Expand
expandedtrue
titleCustom Authentication

Custom Authentication

This security mode is fully controlled in Blueriq Studio. You can login with the default credentials:

  • Username: admin

  • Password: welcome

...

See Studio Security Modes for a detailed description of each security mode.

Logging

If any problem occurs with authorization or authentication you can use the  audit.log to trace and find the cause.

...