Default Admin App Credentials

Three users are created with different roles assigned.

Username             Password    Roles
admin@konakart.com   princess    KonaKart Super-User
doe@konakart.com     password    Sample User
cat@konakart.com     princess    KonaKart Catalog Maintainer
order@konakart.com   princess    KonaKart Order and Customer Manager

Choose new usernames and passwords to secure the KonaKart Administration Application at the earliest opportunity.

The default users and roles are set up as examples of typical configurations of the role-based security system. You may wish to add new Admin users or adjust some of the roles as you see fit. The three users above should give you a few ideas about how the system can be configured.

The three users above are defined as "Admin Users". Note that "Admin Users" can actually log in to the KonaKart store using the same credentials. It doesn't work the other way around however: "Non Admin Users" cannot log into the Admin Application.

Although it's not recommended, it is possible to disable security completely if you wish. To configure this, see the comments inside the konakartadmin.properties file which can be found under the konakart installation directory at:


webapps\konakartadmin\WEB-INF\classes\konakartadmin.properties

(There are a number of additional configuration options that you can adjust to modify the behaviour of the KonaKart Administration Application with respect to security. Please refer to the comments in the above properties file for details.)

Admin Password Validation

Admin passwords can be validated against a set of configurable rules defined in the konakartadmin.properties file. The options for password validation are as follows:


# Min/Max length for Admin Passwords 
#(set min password length for Admin app to match - default also 8)

konakart.password.minimumChars                 = 8
konakart.password.maximumChars                 = 20

# An upper case character is any character in A..Z
konakart.password.mustContainUpperCase         = true

# A lower case character is any character in a..z
konakart.password.mustContainLowerCase         = true

# A numeric character is any character in 0..9
konakart.password.mustContainNumeric           = true

# A "special" character is any character that is not a..z, A..Z, or 0..9
konakart.password.mustContainSpecialChar       = true

# When a password is changed the new one can't be the same as any of the previous N 
# Set to -1 to not carry out this check
konakart.password.mustDifferFromLastNPasswords = 4

# Login will not be successful if the password has expired
# Admin App users will be forced to change their password if it has expired
# Set to -1 if you don't ever want passwords to expire
konakart.password.expiryDays                   = 90

# Space-separated set of usernames whose passwords will never expire
# If not set, the defined password expiry rules will apply to all users
#konakart.password.neverExpireUsers            = batch@konakart.com

Note that from the 7.3.0.0 release of KonaKart the Admin passwords will, by default, expire after 90 days. If you do not want this behaviour, modify the konakart.password.expiryDays property as required.

If an Admin App user attempts to log in with a password that has expired a dialog box will appear which allows the user to change that password.

An Admin App user can use the Change Password option when inside the Admin App to change his password at any time.

Remember that the admin usernames may be used in other areas of the KonaKart system (e.g. for quartz jobs), so these passwords can also expire according to the same rules as for Admin App users.
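The following is an added example, not KonaKart code: a small audit script that reads the password rules listed above and reports which of them a candidate password breaks, using the character-class definitions given in the properties comments. The function names, the embedded sample file and the candidate passphrase are constructed for illustration; how the Admin App itself applies the rules internally is not shown on this page.

```python
import re

# Constructed sample: the password rules shown in konakartadmin.properties above.
SAMPLE_PROPERTIES = """
konakart.password.minimumChars                 = 8
konakart.password.maximumChars                 = 20
konakart.password.mustContainUpperCase         = true
konakart.password.mustContainLowerCase         = true
konakart.password.mustContainNumeric           = true
konakart.password.mustContainSpecialChar       = true
#konakart.password.neverExpireUsers            = batch@konakart.com
"""

def load_policy(text):
    """Parse key = value lines, skipping blanks and # comments."""
    policy = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        policy[key.strip()] = value.strip()
    return policy

def violations(password, policy):
    """Return the rules a candidate breaks; fallbacks for missing keys are assumptions."""
    prefix = "konakart.password."
    flag = lambda name: policy.get(prefix + name, "false").lower() == "true"
    found = []
    if len(password) < int(policy.get(prefix + "minimumChars", 8)):
        found.append("minimumChars")
    if len(password) > int(policy.get(prefix + "maximumChars", 20)):
        found.append("maximumChars")
    # Character classes follow the definitions in the properties comments.
    checks = [
        ("mustContainUpperCase", r"[A-Z]"),
        ("mustContainLowerCase", r"[a-z]"),
        ("mustContainNumeric", r"[0-9]"),
        ("mustContainSpecialChar", r"[^a-zA-Z0-9]"),
    ]
    for name, pattern in checks:
        if flag(name) and not re.search(pattern, password):
            found.append(name)
    return found

if __name__ == "__main__":
    policy = load_policy(SAMPLE_PROPERTIES)
    for candidate in ("princess", "password", "Tr1cky-Passphrase"):
        print(candidate, violations(candidate, policy) or "OK")
```

Run against the sample rules, both default passwords from the table at the top of this page are reported as breaking the upper-case, numeric and special-character rules.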

Super User

A "Super User" must be an Admin User with a role that has the super_user indicator set.

Since the "Super User" has privileges to change all the configuration settings in a KonaKart store, you must guard these credentials carefully.

Ensure that you change the password of the "Super User" account(s) as required by your Site Security policy for highly-privileged accounts.