Records in this category

Sticky FAQs


ID #1156

How should a Muse application be configured for IP authentication?

To configure an application that uses username/password authentication method to use also IP authentication, one must do some configurations.


A) For Muse version 2500, the admin console can be used to add/edit the IP authentication of a Muse application:

- log into the MCAA console as a mcaa based user;

- select the desired Muse application, then click Login Modules;

- if the IP module is not enabled already, then click Add and then login module; click Add;

- click Edit to edit the ICELoginModuleIP module;

- click Edit User Access Rules and then Insert one by one the IP rules. They can consist in IP, IP classes or regular expressions that describe the needed range(s);

- click "Update".


B) For Muse versions before 2500, the modifications to be done are:

- $MUSE_HOME/use/ice/jaas.config - locate application's entry in this file. If not found, then you must add an entry for it. Supposing the application's ID is appid, then the following entry must be added:

appid { required  passwords="${ICE_HOME}/profiles/passwords.xml"; required  hosts="${ICE_HOME}/profiles/hosts.xml";

Note: if the above entry already exists for the appid application, then only the bold line must be added.

- $MUSE_HOME/use/ice/profiles/hosts - an entry like next must be added:

    <ALLOW>IP or address template</ALLOW>

Note: 'IP or address template' can be any of the following:
 - a regular expression that will be matched against the IP address the connection is coming from. E.g. 217.156.14.* will match IP
 - a regular expression that will be matched against the domain name of the IP address the connection is coming from. E.g. *
 - an address/mask notation that will be matched against the IP address the connection is coming from. The mask can be either a net-work mask or a plain number, specifying the number of 1's at the left side of the network mask. Thus, a mask of 24 is equivalent to
 - E.g. will match IP and it is equivalent with
 - E.g. will match IP


As a consequence of IP authentication, one may want to facilitate IP access to the application without having the user to fill in every time the username/password fields. To do this, one can create a html page located in $MUSE_HOME/web/www/logon/appid/ directory. This page should contain a simple login form that submits itself on page load event. Eg:

<body onload="document.logonForm.submit()">
<form name="logonForm" action="/muse/servlet/MusePeer" method="post">
<input type="hidden" name="action" value="logon" />
<input type="hidden" name="errorTemplate" value="logon/appid/error.html" />
<input type="hidden" name="userID" value="appid" />
<input type="hidden" name="userPwd" value="app_pass" />


The URL to access the autologon page is:



  • Muse_host is the hostname of the Muse system;
  • PORT is the port value on which Muse HTTP / Embedded Apache Tomcat server is configured to listen (default 8000);
  • appid is the application ID;
  • autologon_page.html is the page which contains the above HTML form.

Tags: access, authentication, auto, direct, ip, login

Related entries: -

Last update: 2013-09-02 16:25
Author: Administrator
Revision: 1.0

Print this record Send FAQ to a friend Show this as PDF file
Rate this FAQ

Average rating: 0 (0 Votes)

completely useless 1 2 3 4 5 most valuable

You cannot comment on this entry

powered by phpMyFAQ 2.7.2