On this page
The configuration settings described in this section are optional. You only need to configure them if the default setting is not suitable for your environment. The Magic Collaboration Studio system will load the configuration file every time it starts. Therefore, changes to the configuration file will be applied once you restart it.
To configure Cassandra authentication, please see chapter Cassandra authentication.
Setting a Magic Collaboration Studio password for authentication with the Authentication Server
Teamwork Cloud Admin uses an Authentication Server to authenticate users. Teamwork Cloud Admin needs a password to access /token endpoint of the Authentication Server. You need to specify the same password that is entered in the authentication server's configuration file webappplatform.properties (in the parameter authentication.client.secret). The default value is CHANGE_ME.
esi.console { .... # # The console client password parameter. client { pswd = "CHANGE_ME" } ... }
Changing a log file location
You can configure the logging system of Magic Collaboration Studio by using logback.xml. This file is located in the folder configuration of the Magic Collaboration Studio. You can change the name or location of the file by editing the following line in the file logback.xml.
In Magic Collaboration Studio, look for the following line:
logback.xml<file>${user.home}/.twcloud/2021x/server.log</file>
When changing the log file name and location, you need to be sure that the user account to your Operating System (OS) that you will use to start Magic Collaboration Studio has the write permission in the new configured location. To learn more about logback configuration, see http://logback.qos.ch/manual/configuration.html.
Setting a server port
The default port number of Magic Collaboration Studio for the client to connect to is 3579. However, the port number is changeable. If you would like to change the default port number, for example, to 3580, you can configure this in the Magic Collaboration Studio configuration file, application.conf. Search for the content shown below, and edit as follows:
net { connectors = [ { # The ip address to bind to (for client connection). # The default value is bind to all IPs. host = "0.0.0.0" # Port for client application to connect to. The default value is 3579. # This is corresponding to the port specified when connecting from client such as MagicDraw. port = 3580
The configuration file, application.conf, is located in the directory configuration under the Magic Collaboration Studio program folder. For example, /opt/TeamworkCloud/configuration/application.conf. The configuration file is in HOCON format ("Human-Optimized Config Object Notation"). For more information about HOCON file format, visit the following link https://github.com/typesafehub/config/blob/master/HOCON.md#syntax.
Please note that MagicDraw is considered as a client of Magic Collaboration Studio. Consequently, if you change this setting, you have to specify the port number while connecting from MagicDraw.
Setting a public IP
If Magic Collaboration Studio is deployed in the environment where the client will connect to the server via a public IP (NATed to a private IP), set the parameter server-broadcast-host to the public IP address and host to the private IP. Search for the content in application.conf and edit as follows:
net { connectors = [ { # The ip address to bind to (for client connection). # The default value is bind to all IPs. host = "0.0.0.0" # Port for client application to connect to. The default value is 3579. # This is corresponding to the port specified when connecting from client such as MagicDraw. port = 3579 protocol = "raw" } ] # To support deploying Magic Collaboration Studio in private network, but client connects from public network, # Specify IP address that will be used by client to connect to this Magic Collaboration Studio from public network. # This value will be default to esi.net.host if it is empty. # server-broadcast-host is not recommended to use. server-broadcast-host = "PUBLIC_IP_ADDRESS" }
Configuring secure SSL communication between Magic Collaboration Studio and Cassandra
You can set up secure communication between Magic Collaboration Studio and Cassandra. For this, you need to configure application.conf (Magic Collaboration Studio side) and cassandra.yaml (Cassandra side) files.
Configuring application.conf
- Locate and open the application.conf file.
Search for the following section:
# Secure connection with SSL between Cassandra and Magic Collaboration Studio esi.security { cassandra { enabled = true keystorePath = "<install_root>/configuration/keystore.p12" keystoreType = "<keystore_type>" keystorePassword = "<keystore_password>" truststorePath = "<install_root>/configuration/keystore.p12" truststoreType = "<truststore_type>" truststorePassword = "<truststore_password>" } }
Configure the properties, as shown in the example above:
- enabled = true
- keystorePath = <install_root>/configuration/keystore.p12
- keystoreType = <keystore_type>
- keystorePassword = <keystore_password>
- truststorePath = <install_root>/configuration/keystore.p12
- truststoreType = <truststore_type>
- truststorePassword = <truststore_password>
- Save the changes.
Configuring cassandra.yaml
Locate and open the cassandra.yaml file.
Configure the following properties:
client_encryption_options:- enabled: true
optional: false
If enabled and optional are set to true, encrypted and unencrypted connections are handled.
- keystore: <path_to_keystore>/keystore.p12
- keystore_password: <keystore_password>
- require_client_auth: false
- If require_client_auth is set to true, set truststore and truststore_password:
- truststore: <path_to_truststore>/keystore.p12
- truststore_password: <truststore_password>
The require_client_auth setting is optional – it adds an extra layer of security by requiring the client to present its own certificate to the server (mutual TLS). However, this setting does not affect whether encryption is used for communication: if require_client_auth is set to false, the server does not require the client to present a certificate, but the communication is still encrypted as long as SSL/TLS is enabled.
- Use these advanced defaults:
- protocol: TLS
- algorithm: SunX509
- store_type: PKCS12