|Configuring the System Administrator||The admin user is the super tenant that will be able to manage all other users, roles and permissions in the system by using the management console of the product. Therefore, the user that should have admin permissions is required to be stored in the primary user store when you start the system for the first time. The documentation on setting up primary user stores will explain how to configure the administrator while configuring the user store. The information under this topic will explain the main configurations that are relevant to setting up the system administrator.|
|Configuring the Authorization Manager||According to the default configuration in WSO2 products, the users, roles and permissions are stored in the same repository (i.e., the default, embedded H2 database). However, you can change this configuration in such a way that the users and roles are stored in one repository (user store) and the permissions are stored in a separate repository. A user store can be a typical RDBMS, an LDAP or an external Active Directory. |
The repository that stores permissions should always be an RDBMS. The Authorization Manager configuration in the user-mgt.xml file (stored in the
|Configuring User Stores|
The user management feature in WSO2 products allows you to maintain multiple user stores for your system that are used to store the users and their roles. The following topics guide you through configuring the user stores:
|Configuring Users||To enable users to log into the management console, you create user accounts and assign them roles, which are sets of permissions. You can add individual users or import users in bulk.|
After you install WSO2 IoT Server, it is recommended to change the default security settings according to the requirements of your production environment. As WSO2 IoT Server is built on top of the WSO2 Carbon Kernel, the main security configurations applicable to IoT Server are inherited from the Carbon kernel.
|Monitoring Logs using Management Console|
Monitoring logs using the management console of your product is possible with the Logging Management feature. To use this feature, see the following topics:
|HTTP Access Logging|| HTTP Requests/Responses are logged in the access log(s) and are helpful to monitor your application's usage activities, such as the persons who access it, how many hits it receives, what the errors are etc. This information is useful for troubleshooting. As the runtime of WSO2 products is based on Apache Tomcat, you can use the |
You can also customize the access logs based on the supported Access Log Valve attributes.