You are here: Advanced > Administration > Admin Functions > Adding Users & Changing Password

Adding Users and Changing Admin Password

Normal Login

Admin Login is accessed from the System Menu by right clicking in the background of the browser interface.

When you are logged in as administrator additional options are available in the System Menu and Device Menu.

There will be black outline surrounding the browser window when you are logged in as the administrator.

In IntraVUE™, the default admin password for IntraVUE™ is the same as the admin password for the Apache Tomcat Manager, intravue.

 

Changing the Admin Password

The password is set in a file in the IntraVUE™ installation folder ...\IntraVUE™\AutoIP\tomcat8\conf, named tomcat-users.xml. Find the XML tag that starts with "user" and contains a username of "admin". The password entry is the password for both the tomcat manager and IntraVUE™, as shown below. The text after password, in quotes, is the MD5 hash of the plain text password, in this case "intravue".

<user username="admin" password="b0d48ae0dd144215b972a4735b68d034" roles="admin,manager"/>

The MD5 hash is a method of making the password secure should someone be able to open the tomcat-users.xml file.

To create an MD5 hash of the password of you choice go to this URL http://127.0.0.1:8765/tools/md5.jsp

In the image above you can see intravue was added as the Clear Text password and after the Convert button was selected the MD5 text was created. The MD5 text returned is what you want to insert in the password=" " parameter in the tomcat-users.xml file.

Change the password from the default of "intravue" after registering your IntraVUE software to prevent unauthorized personnel from gaining admin level privileges in IntraVUE.

Failure to limit access to the IntraVUE™ host can allow unauthorized personnel modify the tomcat-users.xml file.

With IntraVUE™'s remote administration capabilities, there is no need to have physical access to the host computer. The directories where security information is configured are not accessible from the web interface. See Accessing IntraVUE™ remotely via any Internet Browser to require all users to remotely connect to IntraVUE without having to be on the IntraVUE host.

 

 

Adding Username and Password Protection to the IntraVUE™ application

The Apache Tomcat web server that provides the user interface for IntraVUE™ can be configured to require a username and password before a user can see the IntraVUE™ web page.

The first step is to add security data to the file ...\intravue\AutoIP\tomcat8\webapps\iv3\WEB-INF\web.xml. Copy the lines below and insert them at the end of the file, just before the closing </web-app> line.

<!-- Define a Security Constraint on this Application -->

<security-constraint>

<web-resource-collection>

<web-resource-name>Intravue Application</web-resource-name>

<url-pattern>/*</url-pattern>

</web-resource-collection>

<auth-constraint>

<!-- NOTE: This role is not present in the defaugt users file -->

<role-name>intravue</role-name>

</auth-constraint>

</security-constraint>

<!-- Define the Login Configuration for this Application -->

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>Intravue Application</realm-name>

</login-config>

<!-- Security roles referenced by this web application -->

<security-role>

<description> The role that is required to log in to the IntraVUE™ Application </description>

<role-name>intravue</role-name>

</security-role>

</web-app> NOTE: do not copy this line. Insert just before this line in the file

The above will require the user to login as the 'role-name' intravue. Role-names are defined in the file tomcat-users.xml, described above. The role 'intravue' is already defined in that file and has a username of IntraVUE™ and a password of intravue.

If you are going through this process then you really want security that anyone reading this help file will not be able to break.

Therefore, you should edit the tomcat-users.xml file and add a new role. The two line below can be added to this file and will create a new role named 'remote' and this role will have a username of remoteUser and a password of intravue2

<role rolename="remote"/>

<user username="remoteUser" password="intravue2" roles="remote"/>

To complete the process edit the data in the lines in the sample above and change the lines starting with to have the role 'remote' rather than 'intravue'. Then restart the Windows service "Apache Tomcat eTomcat".

Anyone logging in will now be required to use a username and password to login.

Note: You may create as many username and password combinations for the role remote as you like by adding additional <user.. lines to the tomcat-users.xml file.

 
ClosedSUPPORT LINKS A

IntraVUE Latest Online Help | Click here

IntraVUE Registration Video|   Click here

IntraVUE Scanner Setup Video for LAN|   Click here

IntraVUE Discovery and Operation Video|   Click here
ClosedPRODUCT INFORMATION

IntraVUE™ Software

Last Update: 06/07/2018

Copyright © 2023 ICT Global

 
ClosedCOMPANY INFORMATION

ICT Global

1218 S Pointe Alexis Dr.

Tarpon Springs, FL 34689

www.ictglobal.com

 

 

Open topic with navigation