Skip to main content

PREREQUISITE: Create Access Control db Storage

This chapter instructs you how to create a database storage that contains access control entities, e.g. a set of Organizations, Roles and Subjects (Users and Groups). This db storage can be referred by other storages, thus in effect providing access control to objects and functions in AVIX. 

We will, step by step, describe how a server is installed and configured to use a local h2 database. This db will be configured to contain two so-called repositories, "avix" and "admin". Repositories are basically containers of storages. 

We will make use of an AVIX5 application/client to perform some of the necessary tasks. 


INITIAL SERVER SETUP


INSTALL AVIX SERVER

Download the installation media, the server zip archive. If you don´t have a download URL, ask your contact at Solme AB to get one. The downloadable unit may be entitled "se.solme.avix.server.product-win32.win32.x86_64.zip" or similar. 

Unzip the server zip file at the host where you intend to install it. 

Avoid white spaces in the path! 

The unzipped content will look like this:

Bild3.png


Repositories.xml file

Make sure to create a file called "repositories.xml" in the root directory of the installation. The example content below uses embedded h2 db. (In a real deployment scenario, you will likely use a professional DBMS e.g. MS SQL Server, Postgres etc)

<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<repositoryConfig>
	<!-- h2 repository example (self-hosted by the AVIX server) -->
	<repository name="avix" type="se.solme.avix.server.cdo.h2" databaseName="avix"/>
	<repository name="config" type="se.solme.avix.server.cdo.h2" databaseName="admin"/>
</repositoryConfig>


START SERVER

In a production deployment scenario, you would install the AVIX5 server as a service at this point and start it. For testing purposes however, it works just as well to simply start the server application by running its executable.


CREATE ACCess control storage named "ac"

We will use the AVIX application (client) to create some db data.


INSTALL AVIX APPLICATION

Either use a proper installer for AVIX5, or a build archive called  "se.solme.avix.application.rcp.product-win32.win32.x86_64.zip" or similar (unzip this on your computer). 

CREATE the access control storage named "ac"

Start the AVIX application.  In the example and screen shots below, the server and application are running on the same Windows machine. Thus, "localhost" is used. 

Connect to the running AVIX5 server using "localhost:45500" and create your first storage. Accept the name "New storage", and open the storage.  

image.png

By default, new storages are using the “Local” access control principle. Change that to “Storage URL” , and click the “…” browse button: 

image.png

In the “config” repo, create a new storage and name it “AC”. Finally click on “Open”:

image.png

Click “Apply”, and accept the suggestions in the “Disconnect from current system” dialog that appears.

image.png

Unfortunately, you now need to close the storage “New storage” and re-open it again. (This is due to caching mishaps, and will be fixed in forthcoming AVIX application versions).

While in "New storage", open the Security view (Help->Open Security). It will be empty, but you should be able to click on the create organization button. The system will detect that your access control system is empty, and present a dialog with two options to you:

image.png

We will accept to generate the suggested default system: 

image.png

At this point, we will close down the AVIX storage “New storage”, and also shut down the AVIX application.


load_storages.xml file

Finally, make sure to create a file called "load_storages.xml" in the root directory of the installation. This file informs the server on startup, which storages that should be loaded. It should have the following contents to load the AC storage that was created in the prior step:

<?xml version="1.0" encoding="UTF-8"?>
<load_storage_config>
	<load_storage storage="dba:http://localhost:45500/config/AC" workspace="AC"/>
</load_storage_config>

This is done, since the server has to load the data of the AC storage in order to "act" on the CRON/scheduling expression that we intend to create on one of the Group objects in that storage (see next page for more information). 

Back to top