User Management
This document introduces the user management features of the WSO2 Mashup Server:
Administrator Actions
The first part of this document describes the user management functions
that must be performed by an administrative user. Please refer to the 'User
Actions' section below, for
management options that do not require admin privileges.
Setting Up The First User
Using the Browser
On starting up the server and accessing the website on localhost, the
provisioning page is displayed. This is where the primary or administrative
user should be created.
The user name password and confirmation password fields are mandatory, but
you are also strongly advised to enter a valid e-mail ID as password recovery
is not possible
without this. You may of course, update this information later on, with user
profile management features described below.
Keeping the 'Sign me in now' checkbox clicked will log you in automatically,
immediately after creating your administrator profile.
Using a Configuration File
When a Browser is not available on the local system, you can use the
following parameters in the server.xml file of the mashup server, to perform
the administrator account creation.
- Change the 'CreatePrimary' parameter to 'true'
- Specify the administrator account and password using the PrimaryUser
and PrimaryPassword parameters.
<PrimaryUserConfig>
<!--Set CreatePrimary to 'true' to
activate option-->
<CreatePrimary>true</CreatePrimary>
<PrimaryUser>admin</PrimaryUser>
<PrimaryPassword>admin</PrimaryPassword>
</PrimaryUserConfig>
Setting Up Self Registration
The primary or administrative user can enable self resigtration of guests by
clicking on the 'Allow Internet Guests' link in the 'Administrative tasks'
pane.
You will be shown a page which confirms that self registration has been
enabled. This page will also provide details on the configuration parameters
to be completed in the
web.xml page, to complete the self registration setup.
Note that the link in the administrative tasks pane is a toggle and will now
display the link to 'Disallow Internet Guests'.
Managing Users
All user management functions require admin privileges and are provided from
the 'Manage Users' page.
Add User
Users can be added via the 'Add User' link in the administrative tasks
pane in addition to the link in the 'Manage Users' page.
The page displayed will allow you to create a user with privileges to create
or modify their own mashups, comment on or rate other peoples mashups and
perform other basic
user functions.
Edit User
The 'Edit User' image link displays the bage below, where an administrator
can change a registered users profile including the password. Please note
that if password modification
is not required, the 'password' field should be allowed to remain empty.
Delete User
The 'Delete User' image link displays the page below. If the 'Purge User
Data' checkbox is not clicked, the delete button will simply disable the
user's login. Disabled users will be
highlighted in the 'Manage Users' page and clicking on this 'Reactivate User'
icon will re-enable the user to login.
If the 'Purge User Data' checkbox is
selected on deletion, the user's mashups and comments will be deleted along with the
user profile. Please note that this action
is not reversible.
Assign Administrative Privileges
The primary user is permitted to assign administrative privileges to any
other registered user. Clicking the 'Assign Admin' icon will display a
confirmation page, where the 'Grant' button will grant these privileges
to the selected user and toggle icon in the 'Manage Users' page to call the
'Revoke Admin' action.
User Actions
Self Registration
Once the administrator has enabled the registration of internet guests, a
user can register himself or herself with a simple e-mail verification. The
'Sign up' link on the page
header takes a guest to the page below, which allows a new user to enter a
valid user ID, full name, e-mail ID and password and request registration.
Alternatively, an
InfoCard or OpenID, described in the Identity
page, can be used to furnish user details, simplifying the registration
process.
When this information is submitted, the user is requested to complete the
registration process by clicking on a verfication link sent to the specified
e-mail ID.
Forgotten Password
If a user requres a password reset, the 'Forgot Password?' link on the
'Sign-in' page will take him or her to the 'Reset Password' page, where they
can furnish their user
and e-mail ID combination and request a new password. An automatically
generated password will be e-mailed to them.
Profile Management
The 'Profile' page can be accessed by clicking on the profile link in the
home page or the user name on the 'Signed in as ...' tab. Here a user can
change personal information such as their display name, e-mail ID, bio or
password. They can also associate an InfoCard or OpenID with their user
profile using the 'Register your Infocard' or 'Register your OpenID'
links.
Further details on managing OpenID and InfoCard are provided in the Identity page.
