help w/ setting up user authentication for OpenHAB

[Scott K]

Hello,
I've read through the Security wiki, but I'm still confused about how to set up a username/password for OpenHAB interface.  I understand I should use the builtin SSL.  OK.

But then we get to here:

1)  "to activate Authentication one has to add the following parameters to the openHAB start command line"

-Djava.security.auth.login.config=./etc/login.conf

Is the wiki is refering to /etc/init.d/openhab or /opt/openhab/start.sh?  In both scripts from the demo, the Djava.security.auth.login.config is ALREADY set to ./etc/login.conf.  So it seems this is already done by default, so to speak?

2)  I turn on security on the openhab.cfg file.

3)  The file /configuration/users.cfg is a simple list of "user=pwd" pairs, which will then be used for the authentication.  Sorry for being dense, but what exactly is the syntax for adding usernames and passwords?

user=password,user,role

user=password4scott,Scott

user=password4wife,wife

Is that what it's suppose to be?  Should we delete the default line "user=password,user,role" that's in there?  When I go to the demo site, I get a username and password prompt, but entering "Scott" and "password4scott" doesn't let me in.  Maybe my assumption about the syntax for <openhab>/configuration/users.cfg is wrong?  Can someone who has password authentication tell me what the users.cfg file is suppose to look like?

[Ben Jones]

All you have to do is enable security in openhab.cfg and add user/passwords to user.cfg;

ben=password1

scott=password2

That simple.

[gilles.l...@gmail.com]

As from now I want to activate external security mode, I find the example in user.cfg a little bit confused.

As role isn't yet ready why not write for the moment:

user=password

So no confusion , no ?