Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Content layer
id909957302
Content column
id909957313
Content block
id909957312

Teamwork Cloud features the new Webapp Platform-based TWCloud Admin Console.   As such, it is a standalone application which that communicates with Teamwork Cloud using the REST API.

Configuration of its communication with Teamwork Cloud is located in <installation<install_directory>root>/WebAppPlatform/shared/conf/webappplatform.properties.

In this section, we will review the various settings which you may have to adjust in order to establish communications between the admin console and Teamwork Cloud.   Changes to these settings are only necessary if one is not using a default installation.

Code Block
#
# Authentication server properties
#
# Authentication server address
# http/https depending on setup of Authentication server.
authentication.server.uri=https://IP_ADDRESS:8555/authentication
Note
titleAuthserver access

If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

If you have configured authserver to use http HTTP or to run on a different port, make sure that the URI reflects the correct values.

Code Block
#
# Teamwork Cloud server properties
#
twc.admin.username=Administrator
twc.admin.password=Administrator
# Teamwork Cloud server address
# http/https depending on setup of Authentication server.
twc.url=https://IP_ADDRESS:8111


Note
titleTWCloud access

Please make sure these credentials for twc.admin.username and twc.admin.password match those of a user with administrative privileges.

If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

If you have configured twcloud TWCloud to use http HTTP or to run on a different port, make sure that the URI reflects the correct values.

Warning

If you change any of the configuration parameters, you will need to restart the webapp WebApp service.

Setting server protocol

By default, and in order to enforce a higher level of security, the admin console is accessed via httpsHTTPS.  In order to change the mode of operation to http HTTP (not recommended), various configuration changes must be made.

The default port for the admin console is 8443.   In this example, we will make the changes necessary to run over http HTTP on the default port of 8443.

The webapp WebApp server configuration is located in <installation<install_directory>root>/WebAppPlatform/conf/server.xml.

The following section:

Code Block
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

needs to be edited to:

Code Block
    <Connector executor="tomcatThreadPool"
               port="8443" protocol="HTTP/1.1"
               connectionTimeout="20000" />

The changes which we implemented consist of changing the port from 8080 to 8443, and removing a redirect which that would route to the handler on port 8443.

Since we have configured this connector to listen on port 8443, we now need to remove the existing connector handler on port 8443.

The following section:

Code Block
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

needs to be commented out as follows:

Code Block
<!--   
 	<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>
-->

By default, for the sake of security reasons, we are have established a security policy requiring access to be encrypted.   To disable this, we need to edit <installation<install_directory>root>/WebAppPlatform/conf/web.xml.   This section is located at the very bottom of the file.

The following section:

Code Block
<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint> 

needs to be edited as follows:

Code Block
<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint> 

In the next example. , we will configure the Admin Console to run https HTTPS on a different port (8444).

The following code section:

Code Block
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

needs to be edited as follows:

Code Block
<Connector port="8444" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

As can be seen, the only change is the definition of the port number, which changed from 8443 to 8444.

Note

If you change either the protocol or the port from the default, you need to edit authentication.redirect.uri.whitelist, located in <installation<install_directory>root>/AuthServer/config/authserver.properties accordingly.

Content block
id1177979970

Related pages: