Versions Compared

Old Version 10

changes.mady.by.user Kristina B.

Saved on

compared with

New Version 11

changes.mady.by.user Kristina B.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Content layer
id909794202
Content column
id909794213
Content block
id909794199

On this page

Table of Contents

Content block
id909794212

Teamwork Cloud features the new Webapp Platform based TWCloud Admin Console.  As such, it is a standalone application which communicates with Teamwork Cloud using the REST API.

Configuration of its communication with Teamwork Cloud is located in <installation_directory>/WebAppPlatform/shared/conf/webappplatform.properties.

In this section we will review the various settings which you may have to adjust in order to establish communications between the admin console and Teamwork Cloud.  Changes to these settings are only necessary if one is not using a default installation.

#
# Authentication server properties
#
# Authentication server address
# http/https depending on setup of Authentication server.
authentication.server.uri=https://IP_ADDRESS:8555/authentication


Note
titleAuthserver

If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

If you have configured authserver to use http or to run on a different port, make sure that the URI reflects the correct values.


#
# Teamwork Cloud server properties
#
twc.admin.username=Administrator
twc.admin.password=Administrator
# Teamwork Cloud server address
# http/https depending on setup of Authentication server.
twc.url=https://IP_ADDRESS:8111

Note
titleTWCloud

Please make sure these credentials for twc.admin.username and twc.admin.password match those of a user with administrative privileges.

If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

If you have configured twcloud to use http or to run on a different port, make sure that the URI reflects the correct values.



Warning
titleWarning: Changing the server protocol and server port

If you change any of the configuration parameters, you will need to restart the webapp service.

Setting server protocol

By default, and in order to enforce a higher level of security, the admin console is accessed via https.  In order to change the mode of operation to http (not recommended), various configuration changes must be made.

The default port for the admin console is 8443.  In this example, we will make the changes necessary to run over http on the default port of 8443.

The webapp server configuration is located in <installation_directory>/WebAppPlatform/conf/server.xml.

The following section

Code Block
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

needs to be edited to

Code Block
    <Connector executor="tomcatThreadPool"
               port="8443" protocol="HTTP/1.1"
               connectionTimeout="20000" />

The changes which we implemented consist of changing the port from 8080 to 8443, and removing a redirect which would route to the handler on port 8443.

Since we have configured this connector to listen on port 8443, we now need to remove the existing connector handler on port 8443.

The following section

Code Block
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

needs to be commented out as follows

Code Block
<!--   
 	<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>
-->

By default, for the sake of security, we are have established a security policy requiring access to be encrypted.  To disable this, we need to edit <installation_directory>/WebAppPlatform/conf/web.xml.  This section is located at the very bottom of the file.

The following section

Code Block
<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

needs to be edited as follows:

Code Block
<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>


In the next example. we will configure the Admin Console to run https on a different port (8444)

The following code section

Code Block
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

needs to be edited as follows:

Code Block
<Connector port="8444" protocol="org.apache.coyote.http11.Http11NioProtocol"
               sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
               maxThreads="150" SSLEnabled="true">
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="../configuration/keystore.p12"
                     certificateKeystorePassword="nomagic"
                     type="RSA" />
      </SSLHostConfig>
    </Connector>

As can be seen, the only change is the definition of the port number, changed from 8443 to 8444.


Note

If you change either the protocol or the port from the default, you need to edit authentication.redirect.uri.whitelist, located in <installation_directory>/AuthServer/config/authserver.properties accordingly.

Content block
id1177810517

Related pages: