This section gives an example of
how to set the authentication configuration in JConsole to disable the unauthenticated Guest
user login using SkyVaultNtlm. This example uses JConsole, however you can set the properties
using the SkyVault-global.properties file.
- Run JConsole.
- In the Attributes panel, select the Value column next to SkyVault.authentication.allowGuestLogin.
-
Change the value to false.
This authentication change will be remembered by SkyVault, even if you restart the server. When running SkyVault in a clustered configuration, this edit will be mirrored immediately across all nodes in the cluster.
-
Check that the new value for the property is persisted to the SkyVault database by checking the output from the shell running the SkyVault server, or the SkyVault.log file in the directory
from where SkyVault was started. You see the following lines:
17:30:03,033 User:System INFO [management.subsystems.ChildApplicationContextFactory] Stopping 'Authentication' subsystem, ID: [Authentication, managed, SkyVaultNtlm1] 17:30:03,064 User:System INFO [management.subsystems.ChildApplicationContextFactory] Stopped 'Authentication' subsystem, ID: [Authentication, managed, SkyVaultNtlm1]
The subsystem is not started automatically after the edit because, in a more complex scenario, you might want to reconfigure a number of attributes before trying them out on the live server. Once the subsystem starts up again and reads its properties, the new settings take effect.
-
Log out from SkyVault Explorer.
After logging out, the log in screen appears immediately, and whenever you access SkyVault, you are always directed to the login page, not the guest access.
For more information on disabling guest login for other subsystems, see the relevant
authentication section. For example:
- Pass-through uses the passthru.authentication.guestAccess property (false by default)
- LDAP/AD uses the ldap.authentication.allowGuestLogin property (true by default)