The Apache Sling project provides two extensions to the Apache Felix Web Console (in addition to a number of plugins, of course):
The Apache Sling Web Console Branding provided by Apache Sling is currently just for the product logo displayed in the upper right corner of the Web Console and some titles and strings.
This bundle will attach as a fragment bundle to the Apache Felix Web Console bundle. To enable it after installation into a running system, you might have to refresh the package imports of the Apache Felix Web Console bundle. If you install using the Apache Felix Web Console bundle installation functionality, this will be taken care of by the Web Console.
The Apache Sling Web Console Security Provider implements the Apache Felix Web Console WebConsoleSecurityProvider interface authenticating Web Console users against the JCR repository. Each username and password presented is used to login to the JCR repository and to check the respective session.
- Ensure the username and password can be used to login to the default workspace. If not, access is denied
- If the username presented is one of the user names configured with the users configuration property, access is granted.
- Otherwise if the user is a (direct or indirect) member of one of the groups configured with the groups configuration property, access is granted.
Access is denied if the username and password cannot be used to login to the default workspace or if the user is neither one of the configured allowed users nor in any of the configured groups.
The Security Provider is configured with configuration with PID org.apache.sling.extensions.webconsolesecurityprovider.internal.SlingWebConsoleSecurityProvider supporting the following properties:
|users||String, String or Vector<String>||admin||The list of users granted access to the Web Console|
|groups||String, String or Vector<String>||—||The list of groups whose (direct or indirect) members are granted access to the Web Console|
Note, that while the default value explicitly grants the admin user to access the Web Console it is suggested that system administrators define a special group and assign users with Web Console access to this group.