Access manager

The access manager is the server-side process that communicates with the SafeLinx Administrator administrative application to manage configuration information for the HCL SafeLinx Server.

The access manager runs as a pair of processes that manage interactions between SafeLinx Administrators, persistent data storage, and other SafeLinx Servers. One process, wgmgrsd, listens for SafeLinx Administrator requests that are received over secure connections. The second process, wgmgrd, listens for requests from non-secured connections. On Windows™, the access manager services are run as Windows services, called the SafeLinx Access Manager Service (wgmgrd) and SafeLinx Secure Access Manager Service (wgmgrsd). For more information about the use of TLS/SSL to secure the connection between the SafeLinx Administrator and the access manager, see Authentication and encryption between the SafeLinx Administrator and the access manager. A link is provided at the end of the page.

After an administrator makes configuration changes, the access manager updates the persistent data storage and dynamically updates the running SafeLinx Server with the new configuration data.

SafeLinx installs the access manager processes automatically on all supported operating systems, and the processes start automatically with the operating system. On Linux™, the xinetd process starts first and then starts other services, including the wgmgrd and wgmgrsd processes. On AIX®, the inetd service runs the access manager processes.

The access manager resource is only available for configuration from the default SafeLinx Server administrator ID (admin). When you log in as the default administrator, the access manager is shown as the first entry on the Resources page. The first time that you initiate a SafeLinx Administrator connection to a SafeLinx Server, you must log in using the default administrator credentials.

The access manager completes the following steps each time that an administrator changes a setting in the SafeLinx Administrator:
  1. Receives commands that are coded in XML from the SafeLinx Administrator.
  2. Runs the commands.
  3. Receives the results from the commands. If configuration information is updated as a result of the commands, the SafeLinx Server is automatically notified that an update is required. The SafeLinx Server then reloads the data.
  4. Converts the results into XML.
  5. Returns the results to the SafeLinx Administrator.

The access manager can work with multiple remote SafeLinx Administrators, and can be configured to accept connections from SafeLinx Administrators at specific IP addresses only.

By default, the access manager is configured so that all user and Admin passwords are encrypted before they are stored. If you change the default setting, be sure to maintain a consistent setting for all access managers and SafeLinx Servers that use the same relational database to store configuration information.