In order to submit content to the Registry, a Registry Client must have the proper credentials. One kind of proper credential is a client certficate. When submitting content using the Web UI, the client certificate may be imported into your web browser and sent to the web container over a secure connection. The certificate is used by the Web UI to identify and authenticate the Client. See the Using HTTPS document for details. This is the recommended configuration for production deployments.
For developer deployments, however, there is another Web UI option
that does involve less configuration. You can set a property to
indicate which user principal name to use for authentication. The
user principal name maps to the alias of the client certificate. So,
instead of each user sending their client certificate over a secure
connection, the Registry will load a client certificate from the client
keystore file using the principal name. The client keystore is
located in this file:
The omar.name and dist.version properties are set in
Note: this option is only available for Web UI deployments that do not have container-managed authentication. This kind of authentication involves the web container protecting the Web UI's resources such as its JSP pages. The container manages the authentication, and, as a result, handles the setting of the Client's principal name. Since the container sets the principal name, configuring an anonymous one is not an option.
To enable this option, do the following:
omar.security.anonymousUserPrincipalName=<certificate alias>In the above example, <certificate alias> is replaced by 'testuser'.