security layer

Issue #2
imixs · Aug 28, 2021 · 54035ff · 54035ff
1 parent 8772b30
commit 54035ff
Show file tree

Hide file tree

Showing 16 changed files with 224 additions and 142 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,8 +1,11 @@
-FROM jboss/wildfly:20.0.1.Final
+FROM jboss/wildfly:22.0.1.Final
 
 LABEL description="Imixs-Muluk"
 LABEL maintainer="[email protected]"
 
 
+# Setup configuration
+COPY ./docker/configuration/wildfly/* /opt/jboss/wildfly/standalone/configuration/
+
 # Deploy artefact
 ADD ./target/*.war /opt/jboss/wildfly/standalone/deployments/
diff --git a/Dockerfile-Dev b/Dockerfile-Dev
@@ -1,8 +1,10 @@
-FROM jboss/wildfly:20.0.1.Final
+FROM jboss/wildfly:22.0.1.Final
 
 LABEL description="Imixs-Muluk"
 LABEL maintainer="[email protected]"
 
+# Setup configuration
+COPY ./docker/configuration/wildfly/* /opt/jboss/wildfly/standalone/configuration/
 
 # Deploy artefact
 ADD ./target/*.war /opt/jboss/wildfly/standalone/deployments/

diff --git a/README.md b/README.md
@@ -9,19 +9,29 @@ Muluk is a super simple WebService Monitor. Muluk watches your web services and
 
 # How to Start
 
-Muluk is hosted on Docker-Hub. So you simply need Docker to run Muluk as a Web Service on any kind of server within you private network or in the itnernet. 
+Muluk is hosted on Docker-Hub. So you simply need Docker to run Muluk as a Web Service on any kind of server within you private network or in the Internet. 
 
-
+	$ docker run \
+	  -e TZ="CET" \
+	  -e LANG="en_US.UTF-8" \
+	  -v $PWD/config.xml:/opt/jboss/config.xml \
+	  -p "8080:8080" \
+	  imixs/muluk:latest
 
-    docker run....
 
 ## The Configuration
 
 All you need is a configuration file defining the targets to monitor.    
 
 
     <muluk-dev>
-
+		<cluster name="local-dev">
+			<node>
+				<target>http://localhost:8080</target>
+				<auth type="BASIC" user="admin" password="adminadmin" />
+			</node>
+		</cluster>
+		
        <mail>
          <smtp>...</smtp>
        </mail>
@@ -31,7 +41,6 @@ All you need is a configuration file defining the targets to monitor.
 				<target>https://www.imixs.org</target>
 				<pattern>Imixs-Workflow supports the BPMN 2.0 standard</pattern>
 			</object>
-		
 			<object type="web">
 				<target>https://foo.com/</target>
 				<pattern>my-data</pattern>
@@ -45,7 +54,20 @@ All you need is a configuration file defining the targets to monitor.
     </muluk-def>
 
 
+### Security
 
+The Web interface is protected with a BASIC authentication security realm. You can use the default user 'admin' with the default password 'adminadmin'.
+
+To change the user/password you simply need to create/edit the files '*muluk-users.properties*' and '*muluk-roles.properties*' and map these files into your docker container.
+
+	$ docker run \
+	  -e TZ="CET" \
+	  -e LANG="en_US.UTF-8" \
+	  -v $PWD/config.xml:/opt/jboss/config.xml \
+	  -v $PWD/muluk-users.properties:/opt/jboss/wildfly/standalone/configuration/muluk-users.properties \
+	  -v $PWD/muluk-roles.properties:/opt/jboss/wildfly/standalone/configuration/muluk-roles.properties \
+	  -p "8080:8080" \
+	  imixs/muluk:latest
 
 ## Kubernetes
 
@@ -74,7 +96,6 @@ to start the container run:
 	$ docker run \
 	  -e TZ="CET" \
 	  -e LANG="en_US.UTF-8" \
-	  -e MULUK_CONFIG_FILE="/opt/jboss/wildfly/config.xml" \
 	  -v $PWD/docker/configuration/config.xml:/opt/jboss/wildfly/config.xml \
 	  -p "8080:8080" \
 	  imixs/muluk:latest
@@ -93,7 +114,6 @@ to start the container in dev mode run:
 	$ docker run \
 	  -e TZ="CET" \
 	  -e LANG="en_US.UTF-8" \
-	  -e MULUK_CONFIG_FILE="/opt/jboss/wildfly/config.xml" \
 	  -v $PWD/docker/deployments:/opt/jboss/wildfly/standalone/deployments/ \
 	  -v $PWD/docker/configuration/config.xml:/opt/jboss/wildfly/config.xml \
 	  -p "8080:8080" \

diff --git a/config.xml b/config.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:xs="http://www.w3.org/2001/XMLSchema">
+
+
+	<cluster name="local-dev">
+		<node>
+			<target>http://localhost:8080</target>
+			<auth type="BASIC" user="admin" password="adminadmin" />
+		</node>
+	</cluster>
+
+	<!-- 
+		The Mail Configuration is used to send out mails. Define your login data for your SMPT mail sever here.
+	 -->
+	 <!-- Enable this section to receive E-Mail notifications
+	<mail host="mail.foo.com" port="465" user="your-user" password="your-password" from="[email protected]">
+		<recipients>[email protected]</recipients>
+	</mail>
+	 -->
+
+	<monitor>
+		<object type="web" interval="35">
+			<target>https://www.imixs.org</target>
+			<pattern>Imixs-Workflow supports the BPMN 2.0 standard</pattern>
+		</object>
+		<object type="web" interval="55">
+			<target>https://manik.imixs.org/</target>
+			<pattern>Manik Hot-Deploy</pattern>
+		</object>
+	</monitor>
+</config>
diff --git a/doc/resources/screen-01.png b/doc/resources/screen-01.png
diff --git a/docker/configuration/wildfly/muluk-roles.properties b/docker/configuration/wildfly/muluk-roles.properties
@@ -0,0 +1 @@
+admin=org.imixs.ACCESSLEVEL.READERACCESS
diff --git a/docker/configuration/wildfly/muluk-users.properties b/docker/configuration/wildfly/muluk-users.properties
@@ -0,0 +1,2 @@
+# Username = Password
+admin=adminadmin
diff --git a/docker/configuration/wildfly/sampleapp-roles.properties b/docker/configuration/wildfly/sampleapp-roles.properties
diff --git a/docker/configuration/wildfly/sampleapp-users.properties b/docker/configuration/wildfly/sampleapp-users.properties