Application administration

The zero.admin package provides the ability to perform administrative tasks for IBM® WebSphere® sMash applications.

With the Application Administrator installed and running, the following actions can be performed:

Add applications already on the filesystem to the Application Administrator's graphical view
Start and stop applications which have already been added to the administrator panels.
View the status of the current listed applications. This includes the applications' running state, and the URLs which can be used to reach the application.

Installing the WebSphere sMash Admin application (using the command line)

Use the following steps to install the sMash Admin application with the command line:

Install the WebSphere sMash command line utility using the instructions on the WebSphere sMash Web site.
Install the sMash Admin application from the WebSphere sMash repository using the following command:
```
zero create smash.admin from zero:zero.admin
```
Navigate to the smash.admin directory.
```
cd smash.admin
```
Start the application with the following command:
```
zero start
```
After completing the previous steps, you can interact with the application at the following URL: http://localhost:9072/.

Remote operation

The sMash Admin application is configured for localhost operations. This means that localhost users do not need user ids and passwords and there is no security risk from remote users.

You can enable remote operation by disabling the localhost setting and configuring security rules. (The security rules are optional, but recommended. Without security rules, there would be no protection against anonymous users using the full functionality of the sMash Admin.)

The following sample configuration snippet enables remote operations with basic authentication.

# Disable localhost restriction
/config/http/ipAddress="*"

# Protect access to your admin application; here, using Basic authentication.
#
# "yourname" must be a valid username for your application, e.g. set
# with the "zero user" command.

## run zero secretKey CLI command to generate secretKey
/config/security/secretKey=<**************>

## enable security for the application
@include "security/enableSecurity.config"

## authentication type is BasicAuth
@include "security/basicAuthentication.config"

## specify authorized user
@include security/authorization.config{
   "users" : ["yourname"]
}

You must add this snippet, or something similar, to the zero.config file of your application. Restart your application to pick up the change.

For other security options, see the Security considerations information in the Developer's Guide.

If you are running a co-located proxy server, the localhost protection provided by your admin application might be circumvented because the proxied request is, in fact, a request to localhost. The result could be an unwanted security exposure, unless you also configure access controls.