Figure: Set Context Root
This chapter describes the procedure to log in to the Stardust Portal and to optionally adjust the predefined connection timeout.
Note that on every upgrade of your Stardust Portal version, clear your browser cache to avoid issues with the scrolling functionality. To clear your cache please follow the instructions of your browser help accordingly.
To log in the Stardust Portal, start your application server and enter the following URL in your Web browser:
http://<hostname>:<portnumber>/<context-root>
This URL will lead you to the Stardust Portal's login screen, whereby
For example:
http://localhost:8080/DemoProject/
Use the following URL for a tenant specific login:
http://<server>:<port>/<context-root>/index.jsp?tenant=<partitionId>
For example:
http://localhost:8080/carnot/ipp-portal/index.jsp?tenant=infinity
Using this URL will cause a login at the specific partition. If you have logged out via the Logout link in the Portal, you would be logged-in in the same partition as you have been before.
Note: If the session has expired this information is lost and you have to use the tenant-specific login URL again. Also note that this URL is currently only working for internal authentication. In a principal based environment it is not working.
This section gives an advanced description on how to set the context-root depending on the different kind of deployment.
If you deploy the
If you deploy the
If you deploy with Tomcat from inside Eclipse (as described in the tutorial chapter The Support Case Example of the Stardust Online Documentation - Developer Guide) The Support Case Example) you can determine the context-root in the last property dialog Web Module, while creating a new dynamic Web project:
Figure: Set Context Root
If you skip the last property dialog with the context-root setting, the name of the project is used by default.
In order to be able to use the Stardust Portal, users have to identify
themselves by entering the name and
password. The user must have been previously created by the Stardust
administrator and assigned the necessary roles or organizations. The
default values for your account and password are motu/motu. In
the login screen fill in your name and account:
Figure: Logging in the Stardust Portal
If the properties Security.PromptPartition, Security.PromptDomain or Security.PromptRealm are set in your carnot.properties file, additional entry fields for partition, domain and realm appear accordingly. Otherwise their default values will be used. For more information see the chapter Stardust Services of the Stardust Online Documentation - Programming Guide. section Providing Additional Fields for Login Screens in the Stardust Services chapter.
Below the password field you find a link Forgot Password. In case you forgot your password click on this link to receive a new one. Note that this link is not available, in case the property Security.Authentication.Mode is set to Principal in your carnot.properties file.
Figure: Forgot Password Option
A dialog opens, where you are prompted to enter your credentials.
After selecting Continue, the dialog closes and the new password is sent to the email address which has to be set for the requesting user. In case no email address is configured, you have to contact the administrator. The email contains a generated password as well as instructions on how to reset your password.
Figure: Forgot Password Dialog
Selecting Cancel closes the dialog without sending an email. The initial login screen is displayed again.
You will receive an email with the provided password. To change the temporary password, return to the Stardust Login screen.
In case you provide the property Security.Password.LoginDialogUrl in your carnot.properties file, containing the URL of the portal login page, this URL will be contained in the notification mail as well. To change the new password, click this URL to go directly to the Stardust Login screen.
In the login screen, login with your account and the temporary password provided in the mail. Now the Change Password dialog opens.
Please note that to make the email notification possible, a valid technical user must exist. Per default this is the motu/motu user. For detailed information on how to configure a technical user, please refer to section Configuring Credentials for the Technical User of chapter Deploying Applications in the Stardust Documentation - Deployment Guide. Configuring Credentials for the Technical User of the chapter Deploying Applications of the Deployment Guide.
In the Change Password Dialog, enter the old password, a new password and confirm the new password in the Confirm Password entry.
Figure: Change Password Dialog
Click Submit to submit the new password.
It might happen that the password cannot be changed because of one of the following reasons:
In that case, an error notification message appears, notifying that the password validation failed.
Figure: Error Notification
After being successfully authenticated, you are logged into the Stardust Portal.
To close the dialog without changing the password, click Cancel. You will return to the user login screen.
When trying to login after selecting the Login button, the entered password is checked for expiration. In case your password has expired, the Change Password dialog opens, where you can enter a new password. Please refer to section Change Password Dialog for details.
When your password has been disabled, a message appears in the Login dialog to indicate that the account is invalid. You will receive an email notification that your account got disabled and you should ask the administrator for assistance.
Figure: Account Disabled
Note that in case Stardust is configured to use the LDAP Login Provider and internal security, a user is allowed to login without providing a password.
To activate principal login in the Stardust Portal, perform the following steps:
Set up your container specific security to provide a login module. For example if using Tomcat, add the following line to your Servers/Tomcat XXXX/tomcat-user.xml file:
<user name="motu" password="motu123" roles="Administrator"/>
Set the engine to use principal login via the Security.Authentication.Mode property in your carnot.properties file:
Security.Authentication.Mode = principal
Update the web.xml file with the following fragments to use principal login:
<context-param>
<param-name>carnot.PRINCIPAL_PAGE</param-name>
<param-value>/plugins/common/initializeSession.iface</param-value>
</context-param>
...
<security-constraint>
<web-resource-collection>
<web-resource-name>Icefaces Main Page</web-resource-name>
<url-pattern>/plugins/common/initializeSession.iface</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/ipp/common/loginProxy.iface</form-login-page>
<form-error-page>/ipp/common/loginProxy.iface?failed=true</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>Administrator</role-name>
</security-role>
In case a session timeout occurs with principal login and you are using WebLogic as application server, deactivate the keep alive option for WebLogic as described in section Deactivating the KeepAlive option of chapter WebLogic in the Stardust Online Documentation - Deployment Guide. Deactivating the KeepAlive option of chapter WebLogic in the Deployment Guide.
If any request from the Stardust Portal does not get response within 60 seconds, the network connection gets interrupted and a message dialog opens.
Figure: Connection Timeout
You have the option to configure the timeout by setting the connectionTimeout parameter in your web.xml file. This parameter defines how long, in milliseconds, the bridge will wait for a response from the server for a user-initiated request before declaring the connection lost. The default value is 60000 (60 seconds).
<context-param>
<param-name>com.icesoft.faces.connectionTimeout</param-name>
<param-value>60000</param-value>
</context-param>
For advanced connection management, please refer to the ICEFaces Documentation - Connection Management directly.