Configure Find to Use a Single Pre-Authenticated User

You can configure Find to always log in with a single pre-authenticated user. This option bypasses authentication so that any user that accesses Find is logged in automatically with that user name and any associated permissions.

To use this option, you must set the server.reverseProxy system property to true, even if you do not want to use a reverse proxy. The reverse proxy is not required, because the normal Find HTTP(S) ports still work.

You then set the find.reverse-proxy.pre-authenticated-roles and find.reverse-proxy.pre-authenticated-username system properties to the role and user name that you want to use for all users.

To configure Find to use a single pre-authenticated user

  1. At the command line, send the java run command with the server.reverseProxy argument set to true, the find.reverse-proxy.pre-authenticated-roles argument set to the roles to use, and the find.reverse-proxy.pre-authenticated-username argument set to the user name to use. For example:

    java -Dserver.reverseProxy=true -Dfind.reverse-proxy.pre-authenticated-roles=FindUser,FindBI -Dfind.reverse-proxy.pre-authenticated-username=anon -Didol.find.home=[home directory] -Dserver.port=[port] -jar find.war
  2. Restart Find to apply your configuration changes.

If you run Find as a service on Windows, you can also add the server.reverseProxy and find.reverse-proxy.pre-authenticated-username properties to the find.xml file.

If you run Find as a service on Linux, you can add the arguments to the existing arguments variable in the start scripts (find.sh for SystemV, find.conf for Upstart, or find.service for systemd).

When you modify the Find configuration by modifying the XML file or start scripts, you must restart Find to apply your configuration changes.

On Upstart, you must also run initctl reload-configuration before you restart, to apply the init file changes. You can then run service find restart to restart the service.