Managing Users

The Composable Architecture Platform system has its own built in security and auditing. As a result, you need to manage the users of the system and their type. This is an administration task. Alternatively, you can manage users with LDAP. Please see the Authenticating via LDAP section for more information on LDAP configuration.

To create a new user, specify the user ID, full name, email, type, console view preference (classic/portal), role(s) and password. Only standard users are required to have a role assigned to them. Administrators and super users automatically have full access.

Administrators and super users essentially share the same abilities with the exception that super users cannot administer user accounts. In turn, user administrators can only administer user accounts and roles and not perform any other functions unless specifically assigned via a role.

Default user and password

When the system is first installed, it automatically creates a user called admin with the password admin. We strongly urge you to change the password for this user immediately.

Password security

Composable Architecture Platform stores its passwords in a table alongside other user information. To ensure that no one can read or extract a user’s password, it is encrypted using the Triple-DES algorithm. The key to the encryption is the password itself. Essentially, this means that there is no simple way to decrypt a password. In fact, Composable Architecture Platform never decrypts a password. Instead, it encrypts the password entered by the user and compares the result of the encryption to the one stored in the database. If there is a match, the authentication is considered valid.