On this page
The configuration settings described in this section are optional. You only need to configure them if the default setting is not suitable for your environment. The Teamwork Cloud system will load the configuration file every time it starts. Therefore, changes to the configuration file will be applied once you restart it.
The Teamwork Cloud service configuration file, application.conf, is located in <install_root>/TeamworkCloud/configuration/application.conf. This file is in HOCON format ("Human-Optimized Config Object Notation"). For more information about HOCON file format, visit the following link https://github.com/typesafehub/config/blob/master/HOCON.md#syntax.
To configure Cassandra authentication, please see chapter Cassandra authentication.
Setting a Teamwork Cloud password for authentication with the Authentication Server
Teamwork Cloud Admin uses an Authentication Server to authenticate users. Teamwork Cloud Admin needs a password to access /token endpoint of the Authentication Server. You need to specify the same password that is entered in the authentication server's configuration file webappplatform.properties (in the parameter authentication.client.secret). The default value is CHANGE_ME.
esi.console { .... # # The console client password parameter. client { pswd = "CHANGE_ME" } ... }
Changing a log file location
You can configure the logging system of Teamwork Cloud by using logback.xml.
To change the name or location of the log files in logback.xml, locate <file> fields. When changing the log file name and location, you need to be sure that the user account to your Operating System (OS) that you will use to start Teamwork Cloud has the write permission in the new configured location. To learn more about logback configuration, see http://logback.qos.ch/manual/configuration.html.
Changing the client port
The default port number of Teamwork Cloud for the client to connect to is 3579. However, the port number is changeable. If you would like to change the default port number, for example, to 3580, you can configure this in the Teamwork Cloud configuration file, application.conf. Search for the content shown below, and edit as follows:
net { connectors = [ { # The ip address to bind to (for client connection). # The default value is bind to all IPs. host = "0.0.0.0" # Port for client application to connect to. The default value is 3579. # This is corresponding to the port specified when connecting from client such as MagicDraw. port = 3580
Please note that the modeling tool, such as MagicDraw, is considered as a client of Teamwork Cloud. Consequently, if you change this setting, you have to specify the port number while connecting from the modeling tool.
Setting a public IP
If Teamwork Cloud is deployed in the environment where the client will connect to the server via a public IP (NATed to a private IP), set the parameter server-broadcast-host to the public IP address and host to the private IP. Search for the content in application.conf and edit as follows:
net { connectors = [ { # The ip address to bind to (for client connection). # The default value is bind to all IPs. host = "0.0.0.0" # Port for client application to connect to. The default value is 3579. # This is corresponding to the port specified when connecting from client such as MagicDraw. port = 3579 protocol = "raw" } ] # To support deploying Teamwork Cloud in private network, but client connects from public network, # Specify IP address that will be used by client to connect to this Teamwork Cloud from public network. # This value will be default to esi.net.host if it is empty. # server-broadcast-host is not recommended to use. server-broadcast-host = "PUBLIC_IP_ADDRESS" }
Configuring secure SSL communication between Teamwork Cloud and Cassandra
You can set up secure communication between Teamwork Cloud and Cassandra. For this, you need to configure application.conf (Teamwork Cloud side) and cassandra.yaml (Cassandra side) files.
Configuring application.conf
- Locate and open the application.conf file.
Search for the following section:
# Secure connection with SSL between Cassandra and Teamwork Cloud esi.security { cassandra { enabled = true keystorePath = "<install_root>/configuration/keystore.p12" keystoreType = "<keystore_type>" keystorePassword = "<keystore_password>" truststorePath = "<install_root>/configuration/keystore.p12" truststoreType = "<truststore_type>" truststorePassword = "<truststore_password>" } }
Configure the properties, as shown in the example above:
- enabled = true
- keystorePath = <install_root>/configuration/keystore.p12
- keystoreType = <keystore_type>
- keystorePassword = <keystore_password>
- truststorePath = <install_root>/configuration/keystore.p12
- truststoreType = <truststore_type>
- truststorePassword = <truststore_password>
- Save the changes.
Configuring cassandra.yaml
Locate and open the cassandra.yaml file.
Configure the following properties:
client_encryption_options:- enabled: true
optional: false
If enabled and optional are set to true, encrypted and unencrypted connections are handled.
- keystore: <path_to_keystore>/keystore.p12
- keystore_password: <keystore_password>
- require_client_auth: false
- If require_client_auth is set to true, set truststore and truststore_password:
- truststore: <path_to_truststore>/keystore.p12
- truststore_password: <truststore_password>
The require_client_auth setting is optional – it adds an extra layer of security by requiring the client to present its own certificate to the server (mutual TLS). However, this setting does not affect whether encryption is used for communication: if require_client_auth is set to false, the server does not require the client to present a certificate, but the communication is still encrypted as long as SSL/TLS is enabled.
- Use these advanced defaults:
- protocol: TLS
- algorithm: SunX509
- store_type: PKCS12
Related pages