ACL role based authorization
The product allows you to create users, define ACLs and assign them to user groups.
The user will then see only allowed objects based on ACL rules in the UI.
ACL levels
- storage: only selected storage are visible
- custom groups: only selected groups are visible
- SAN: visibility of all SAN switches (no possibility to select particulat switch, just whole SAN)
ACL functionality is not enabled by default. You have to configure Apache.
Activation on a XoruX Virtual Appliance
Activation in non appliance environment
- under root user make change in STOR2RRD section httpd.conf of your Apache,
This must be there: AllowOverride AuthConfig FileInfo
Note: httpd.conf might be in different locations like /etc/opt/freeware/apache/httpd.conf, /opt/freeware/etc/httpd/httpd.conf, /opt/freeware/etc/httpd/conf/httpd.conf, /etc/apache2/apache2.conf
# vi /etc/httpd/conf/httpd.conf
Alias /stor2rrd "/home/stor2rrd/stor2rrd/www/"
<Directory "/home/stor2rrd/stor2rrd/www/">
AllowOverride AuthConfig FileInfo
Options Indexes FollowSymLinks Includes MultiViews
Require all granted
</Directory>
ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
<Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi/">
AllowOverride AuthConfig FileInfo
SetHandler cgi-script
Options ExecCGI Includes FollowSymLinks
Require all granted
</Directory>
-
Restart Apache:
Note: apachectl might be in different locations like /opt/freeware/sbin/apachectl
# apachectl restart
-
Under stor2rrd user copy ".htaccess" file to "www" and "stor2rrd-cgi" directories
Make sure there is right directory path to etc/web_config/htusers.cfg in html/.htaccess file.
# su - stor2rrd
$ umask 022
$ cd /home/stor2rrd/stor2rrd
$ cp -p html/.htaccess www
$ cp -p html/.htaccess stor2rrd-cgi
-
Refresh the UI (Ctrl-F5).
Try to access your STOR2RRD web now. You should be prompted for user name and password.
Use user "admin" with password "admin" (Change it after first login).
Create users and ACLs in : menu ➡ STOR2RRD ➡ User management
Troubleshooting