Versions Compared

Old Version 2

changes.mady.by.user Jonė Š.

Saved on

compared with

New Version Current

changes.mady.by.user Jonė Š.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

On this page

Table of Contents
maxLevel4


In this section, we will review the various settings which you may have to adjust in order to establish communication between web services and Magic Collaboration Studio.

Note

Change these settings only if you need to change the default installation.

Increasing open file limit on Linux

Use this method to increase the maximum number of files that the entire operating system can handle at once before installing Web Application Platform with services.

To increase the open file limit for the operating system

  1. Open the /etc/sysctl.conf file with a text editor as a root user:
    Code Block
    languagetext
    sudo nano /etc/sysctl.conf
  2. Add or modify the following line with the new limit:
    Code Block
    languagetext
    fs.file-max = 20000
  3. Save and exit the editor.
  4. Apply the changes immediately by running:
    Code Block
    languagetext
    sudo sysctl -p

  5. To verify the change, run:
    Code Block
    languagetext
    cat /proc/sys/fs/file-max

Connecting to remote authentication and Magic Collaboration Studio servers

Configuring remote authentication server

To configure remote authentication server

  1. Open the webappplatform.properties file
    2. at
  2. at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.
    3. Locate

  3. Locate Authentication server

    4. properties

  4. properties and change the values as necessary:

    Code Block
    languagebash
    # Authentication server properties
#

# Specify the Authentication server location.
# IP address or domain name.
authentication.server.ip=127.0.0.1

# Specify the Authentication server port.
authentication.server.port=8443

# Specify rest protocol (http or https) depending on the Authentication server setup.
authentication.server.protocol=https


    Note
    titleAuthserver access

    If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

    If you have configured authserver to use HTTP or to run on a different port, make sure that the URI reflects the correct values.


Configuring remote Magic Collaboration Studio server

To configure remote Magic Collaboration Studio server

  1. Open the webappplatform.properties file
    2. at
  2. at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.
    3. Locate

  3. Locate Magic Collaboration Studio server

    4. properties

  4. properties and change the values as necessary:

    Code Block
    # Specify the Magic Collaboration Studio IP address or domain name.
twc.ip=127.0.0.1

# Specify rest protocol (http or https) depending on the Magic Collaboration Studio server setup.
twc.rest.protocol=https

# Specify the Magic Collaboration Studio rest API port.
twc.rest.port=8111


    Note
    titleMagic Collaboration Studio access

    Please ensure these credentials for twc.admin.username and twc.admin.password match those of a user with administrative privileges.

    If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

    If you have configured Magic Collaboration Studio to use HTTP or to run on a different port, make sure that the URI reflects the correct values.


    Warning

    If you change any of the configuration parameters, you will need to restart the WebApp service.

Configuring


remote

Configuring remote Zookeeper service discovery server

To configure remote Zookeeper service discovery server

  1. Open the webappplatform.properties file
    2. at
  2. at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.
    3. Locate

  3. Locate Platform service discovery related

    4. properties

  4. properties and change the values as necessary:

    Code Block
    # Specify the Zookeeper server IP address.
zookeeper.server.ip=127.0.0.1
# Specify the Zookeeper server port.
zookeeper.server.port=2181
# Specify zk node where ZooKeeper registers applications
zookeeper.base.service.path=/services
# Enable or disable service discovery. Enabled if the property does not exist
service.discovery.enabled=true
# Indicates path of services. Specify / if all services are deployed on the same Tomcat.
service.uri=/
# Enables or disables ACLs of ZooKeeper nodes under zookeeper.base.service.path. To use this functionality,
# skipACL must be set to no in the ZooKeeper configuration file, which is <zookeeper-home>/conf/zoo.cfg by default
#zookeeper.acl.enable=false
#zookeeper.acl.username=zkuser
#zookeeper.acl.password=zkpassword
# One of: all, read, write, create, delete, admin. If not set, the all permission will be used
#zookeeper.acl.user.permissions=all


Configuring remote FlexNet license server for Web Application Platform services

You can configure a remote FlexNet license server for Web Application Platform services, such as Cameo Collaborator or Server-side simulation.

To configure remote FlexNet license server for Web Application Platform services

  1. Open the webappplatform.properties file
    2. at
  2. at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.
    3. Locate

  3. Locate FlexNet/DSLS server

    4. properties

  4. properties and change the values as necessary:

    Code Block
    5. # Specify if you want to use the FlexNet or DSLS framework (the default value is FlexNet). license.framework=FlexNet 
  5. # Specify
    6. the
  6. if
    7. FlexNet/DSLS
  7. you
    8. license
  8. want
    9. server
  9. to
    10. IP
  10. use
    11. address.
  11. the
    12. If
  12. FlexNet
    13. the
  13. or
    14. value
  14. DSLS
    15. of
  15. framework (the
    16. 'license.dsls.server.mode' property is ORGANIZATION_DEFINED, address will be read from the DSLicSrv.txt file
  16. default value is FlexNet).
license.
    17. server.name
  17. framework=FlexNet

# Specify the FlexNet/DSLS license server IP:Port
    18. port
  18. address.
# If the value of the 'license.dsls.server.mode' property is ORGANIZATION_DEFINED,
    19. port
  19. address will be read from the DSLicSrv.txt file.
license.server
    20. .port
  20. =


Changing client port

To change remote FlexNet license server

  1. Open the webappplatform.properties file
    2. at
  2. at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.
    3. Locate

  3. Locate Magic Collaboration Studio server

    4. properties

  4. properties and change the value as necessary:

    Code Block
    # Specify the Magic Collaboration Studio client API port.
twc.client.port=3579


Setting web server protocol (HTTPS to HTTP)

By default, in order to enforce a higher level of security, web services are accessed via HTTPS. In order to change the mode of operation to HTTP, various configuration changes must be made.

Warning

We do not recommend changing HTTPS to HTTP. Perform this only if necessary.

The default port for web services is 8443. In this example, we will make the changes necessary to run over HTTP on the default port of 8443.

The WebApp server configuration is located in in <install_root>/WebAppPlatform/conf/server.xml.

Locate the following following connector executor executor section:

Code Block
<Connector executor="tomcatThreadPool"
           port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />

Edit the section as shown below:

Code Block
<Connector executor="tomcatThreadPool"
           port="8443" protocol="HTTP/1.1"
           connectionTimeout="20000" />

The modifications consist of changing the port from 8080 to 8443, and removing a redirect that would route to the handler on port 8443.

Since we have configured this connector to listen on port 8443, we now need to remove the existing connector handler on port 8443.

Locate the following connector following connector section (text shown below is truncated):

Comment out the entire section as shown:

By default, due to security reasons, we have established a security policy requiring access to be encrypted. To disable this, we need to edit edit <install_root>/WebAppPlatform/conf/web.xml. This  This section is located at the very bottom of the file.

The following section:

Code Block
<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

needs to be edited as follows:

Code Block
<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>

where where transport-guarantee guarantee is changed to to NONE.

Next, update the configuration files to reflect the change in protocol.

    In
  • In <install_root>/WebAppPlatform/shared/conf/authserver.properties: change addresses listed
    • in
  • in authentication.redirect.uri.
    • whitelist
  • whitelist to HTTP.
    • In
  • In <install_root>/WebAppPlatform/shared/conf/webappplatform.properties:
    • change
  • change authentication.server.
    • protocol
  • protocol to HTTP.
    • Optionally,
    • set
    • set twc.rest.
    • protocol
    • protocol to HTTP if the Magic Collaboration Studio service will also switch protocol.
    • In
  • In <install_root>/TeamworkCloud/configuration/application.conf:
    • set url for
  • set url for esi.
    • auth
  • auth to the HTTP address for authentication server (e.g. url="http://<authserver>:8443")
    • Optionally,
    • set
    • set ssl
    • enabled to
    • enabled to false esi.
    • http
    • http if the Magic Collaboration Studio service will also switch protocol.


Restart all Magic Collaboration Studio services after changes are saved. Access web addresses via HTTP once services are restarted.

Info

Please also see more detailed instructions at at https://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html.

Changing Web Application Platform port

The default port of Web Application Platform is 8443. You can change this port if needed by editing the the server.xml xml file in in <install_root>/WebAppPlatform/conf. The example below reconfigures web services to run HTTPS via port 8444, instead of 8443.

  1. Locate this code section:
    Code Block
    languagexml
    titleserver.xml
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
                   sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
                   maxThreads="150" SSLEnabled="true">
            <SSLHostConfig sslProtocol="TLS"
                           protocols="TLSv1.2"
                           honorCipherOrder="true"
                           certificateVerification="none"
                           ciphers="..." >
  2. Replace the port number:
    Code Block
    languagexml
    titleserver.xml
    <Connector port="8444" protocol="org.apache.coyote.http11.Http11NioProtocol"
                   sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
                   maxThreads="150" SSLEnabled="true">
            <SSLHostConfig sslProtocol="TLS"
                           protocols="TLSv1.2"
                           honorCipherOrder="true"
                           certificateVerification="none"
                           ciphers="..." >

    The only change is the definition of the port number, which changed from 8443 to 8444.
    3. Update
  3. Update authentication.redirect.uri.whitelist 
    4. in
  4. in <install_root>/WebAppPlatform/shared/conf/authserver.
    5. properties
  5. properties to reflect the port change.
    6. Update
  6. Update authentication.server.port
    7. in 
  7.  in <install_root>/WebAppPlatform/shared/conf/webappplatform.
    8. properties
  8. properties to reflect the authentication port change.
  9. Provide new authentication address for twcloud service
    10. in
  10. in <install_root>/TeamworkCloud/configuration/application.conf.
    11. Under
  11.  Under esi.auth,
    12. specify url
  12. specify url like this example: 
    Code Block
    titleapplication.conf
    # Authentication Server address
esi.auth {
        # Authentication Server base URL.
        url = "https://<server-address>:8444"