Securing XMC Cat
The default installation of the XMC Cat service is not as a secure service. In a production environment we suggest either making your XMC Cat secure or otherwise securing it (such as putting it behind a firewall and accessible onyl through a portal). Although you can implement more comprehensive security, this section covers an easy approach to setting up password-based transport level security using Apache Rampart. The XMC Cat server is middleware that will be contacted by other services such as the XMC Cat web-based GUI, other search tools, workflow engines, data management systems, etc. In this case the "users" are other systems, and the number of users will be relatively few. To keep it simple to implement, the secure "users" are defined in the XMC Cat database and their passwords are hashed. The secure users are separate from the XMC Cat users who can each have a separate private workspace.
Using XMC Cat security, a request will include the name and password of the system user (e.g., the XMC Cat GUI) as well as the name of the user on whose behalf the request is being made. For this reason, the services that are setup as secure users must be trusted services.
The instructions below for the Server and Client (XMC Cat GUI) secure configurations assume you have already installed the XMC Cat server and GUI client respectively and are converting from an unsecure to a secure version. Please see the instructions above for the initial installation of the XMC Cat server and the XMC Cat GUI before configuring the security.
