Setting up file-based security

File-based security, the default installed by Lawson applications, is a simple mechanism to get users up and running on the application. In file-based authentication, the system authenticates users against a text file that contains user, role, and password information.

If you are using file-based authentication in a production environment, it is critical that the file that contains the user IDs and passwords has very limited access. You can limit access to this file using Windows file security on drives formatted with NTFS.
Note: If you have a large number of users, non-file based provider types offer a more secure and a more robust password management strategy than file-based security.
  1. Open the Tools dashboard and click System Settings. The System Configuration Assistant is displayed.
  2. Select file-based as the authentication provider. A set of file-based property fields is displayed.
  3. Specify this information:
    Power Designer Role
    This optional property (PowerDesignerRole) allows any user in the specified user group to create content.
    File Authentication File Name
    This required property (FileAuthenticatorUsers) has a value of <SomeDrive>\<SomeFile>.txt. This text file contains a list of user names, passwords, and roles separated by tabs.
    File Authentication Admin Role
    This required property (FileAuthenticatorAdministratorRole) allows any user in the specified user group to administer the system through the Administrative Console.
  4. Click Save Changes at the bottom of the System Configuration Assistant.
  5. In WebSphere, stop and start your Framework Services application server.