You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 34 Next »

This topic is meant for the main application manager or a similarly privileged XperienCentral user.


Once you have successfully installed XperienCentral you can start it and log in. To log in to XperienCentral, navigate to the following URL:

<xperiencentral-server>/web/edit

where <xperiencentral-server> is the name of the server on which XperienCentral is running. You will then see the XperienCentral login screen:


The very first time that a new XperienCentral installation is logged in to, most likely by the main application manager or a developer, use the following username/password combination:

Username: Administrator
Password: Administrator

After successfully logging in, you will be prompted to change the password for the user Administrator. At this point you can now configure XperienCentral and create new users and assign roles. Direct all your users to the following URL to log in to XperienCentral:

<xperiencentral-server>/web/edit

where <xperiencentral-server> is the name of the server on which XperienCentral is running. The first time all new users log in to XperienCentral they must change their password:

  1. Enter your current password in the "Current password" field.
  2. Enter your new password in the "New Password" field. For security reasons, it is strongly recommended that you create a strong password. A strong password has all of the following characteristics:

    • Is at least 8 characters long.
    • Contains a mix of uppercase and lowercase letters.
    • No string of letters spells out a word that appears in the dictionary of the language of the user.
    • Contains one or more numbers, but the numbers do not represent anything associated with you such as your birthdate, age, house address, and so forth.
    • Contains one or more special characters. A special character is anything that is not a letter or a number or a space.
    • Does not contain any string of letters that spell your first or last name, your company name, your job description, your nickname, or any other word that could be associated with you personally.

    When you type the new password into the field, the "Password Strength" field indicates the strength of your password using different colors. The following colors are used to indicate the password's strength:

    • Red — The password is extremely weak (not accepted).
    • Yellow — The password is moderately weak (not accepted).
    • Blue — The password is good.
    • Green — The password is strong.

Logging in to the XperienCentral Setup Tool

To log in to the XperienCentral Setup Tool, navigate to the following URL:

<xperiencentral-server>/web/setup

where <xperiencentral-server> is the name of the server on which XperienCentral is running.

Logging in to the XperienCentral Administrative Pages

The XperienCentral Administrative Pages are used to monitor an XperienCentral installation. See Administrative Pages for complete information.


The following two sections apply to XperienCentral versions 10.13.0 and higher.

Directly Navigating to the XperienCentral Login Page

In all cases when not using backend container authentication, when a user navigates to .../web/edit, they will be redirected to the login screen if they are not already logged in. If they are already logged in, navigating to .../web/edit will take them directly to the XperienCentral Workspace, bypassing the login screen. If a user wants to navigate directly to the login screen, to switch users for example, use the following URL:

<xperiencentral-server>/web/login

where <xperiencentral-server> is the name of the server on which XperienCentral is running.

Logging in with Backend Container Authentication

If you implement the Backend Container Authentication functionality for your project, your users do not have to log in to XperienCentral with a username and password if they have already logged in to the backend container. In this situation, refer your users to the following URL to directly access XperienCentral:

<xperiencentral-server>/web/edit

where <xperiencentral-server> is the name of the server on which XperienCentral is running.



Two Factor Authentication

Two factor authentication is a user authorization scheme in which two separate authentication methods must be satisfied in order to gain access to a resource. XperienCentral contains a two factor authentication setting which requires a user to provide a username/password combination followed by a security token which he or she receives by email. When two factor authentication is enabled, an XperienCentral user must pass both authentication steps in order to gain access to the backend every time they log in.

Enabling Two Factor Authentication


Application Manager: Before you enable two factor authentication, it is extremely important that you configure the XperienCentral SMTP host setting correctly as well as the email property of all users in the User Authorization panel. Check the following:

  • The "E-mail" field for all users on the Users tab in Authorization Management. Ensure that each of your XperienCentral users has a valid email defined for them, including yourself of course.
  • The SMTP host that XperienCentral uses to send email messages (the smtp_host property under the "application_settings" section of the General tab in the Setup Tool). Ensure that the SMTP host setting is correct by sending a test email to yourself. The easiest way to do this is to set the "Deletion notification" to "Immediately" in My Settings > Notification Settings, create a new page and then delete it at once. You might have to wait a maximum of 15 minutes to receive the email. Proceed with the steps below only after you successfully receive the deletion notification email.


Follow these steps to enable two factor authorization:

  1. Open the Setup Tool.
  2. Navigate to the General tab.
  3. Under "website_settings", locate the property enable_email_two_factor_authentication and select it in order to enable it.
  4. Click [Save Changes] at the bottom of the General tab.

Testing Two Factor Authentication

Once you have enabled two factor authentication, test it:

  1. Log out of XperienCentral if you are logged in.
  2. Log in to XperienCentral. You will be prompted for your username and password.
  3. Provide your username and password and click [Login]. The following dialog box should appear:

  4. Enter the security token which you received via email.
  5. Click [Submit]. You should now be logged in to XperienCentral.


Once you have determined that two factor authentication is working properly, notify your XperienCentral users about the steps required to log in. Be sure to inform them that the security token is valid for the duration of an XperienCentral session which begins at the moment that they access the login screen. If the session times out (after 30 minutes by default), they need to close their browser, navigate to the XperienCentral login screen and receive a new security token.


Troubleshooting Two Factor Authentication

If something goes wrong with the configuration of the SMTP host and/or your personal email, you could be locked out of XperienCentral. If you have configured any other users with the role Application Manager, try to log in using one of those users. If this is successful, it means that your personal email is not configured correctly.  Fix your email address using a user with the role Application Manager.

If you cannot log in to XperienCentral with any user, you need to disable two factor authentication and start again. To disable two factor authentication from outside the XperienCentral GUI, stop XperienCentral. Restart XperienCentral and pass the following JAVA_OPTS option:

-Ddisable_2fa

Start over at the beginning with the two factor authentication configuration.







  • No labels