IBM Support

RDM v11.4 - Enabling Read Only pages for Data Sets without Login

Question & Answer


Question

How to enable read only pages for Data Sets without login in RDM v11.4 ?

Answer

NOTE: Enabling read only pages for Data Sets without login will expose data for more than just the read only page
Here are the steps to give access to read only data sets:

1.- Export your EAR from WAS console
2.- Go to RDMClientEAR.ear\RDMClientWeb.war\WEB-INF
3.- Edit the web.xml and add the read only page to "EveryoneCollection_basic_constraint"

<security-constraint>
<display-name>Protecting all HTTP methods (Do not enumerate Http Methods)</display-name>
<web-resource-collection>
<web-resource-name>EveryoneCollection_basic_constraint</web-resource-name>
<url-pattern>/dojo/*</url-pattern>
<url-pattern>/public/*</url-pattern>
<url-pattern>/resources/*</url-pattern>
<url-pattern>/ShowRefDataSet.html</url-pattern>
<url-pattern>/ShowRefDataSetNew.js</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>This is the simplest way to ensure that you are not leaving HTTP methods unprotected</description>
<role-name>Everyone</role-name>
</auth-constraint>
</security-constraint>

4.- Go to RDMClientEAR.ear\RestAPI.war\WEB-INF
5.- Edit the web.xml adding this constraint

<security-constraint>
<display-name>Protecting all HTTP methods (Do not enumerate Http Methods)</display-name>
<web-resource-collection>
<web-resource-name>EveryoneCollection_basic_constraint</web-resource-name>
<url-pattern>/jaxrs/sets/active-set-id/*</url-pattern>
<url-pattern>/jaxrs/sets/get-properties/*</url-pattern>
<url-pattern>/jaxrs/hierarchy/set/*</url-pattern>
<url-pattern>/jaxrs/sets/list-values/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<description>This is the simplest way to ensure that you are not leaving HTTP methods unprotected</description>
<role-name>Everyone</role-name>
</auth-constraint>
</security-constraint>

6.- Also add the Everyone role like this:
<security-role>
<description>
</description>
<role-name>Everyone</role-name>
</security-role>

7.- Make sure the changes got saved
8.- Install the EAR using the Websphere console
9.- Clean cookies and cache from your browser
10.- You should be able to use set read only page without login

Note: We recommend you to edit the EAR using 7-zip tool.
In other words, to achieve this, we are editing the security permissions using web.xml security constraints.

[{"Product":{"code":"SSFV65","label":"InfoSphere Master Data Management Reference Data Management Hub"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"11.4","Edition":"Advanced","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
16 June 2018

UID

swg22000960

Page Feedback