View Source

On this page

In this section, we will review the various settings which you may have to adjust in order to establish communication between web services and Teamwork Cloud.

Change these settings only if you need to change the default installation.

Connecting to remote authentication and Teamwork Cloud servers

Configuring remote authentication server

To configure remote authentication server

Open the webappplatform.properties file at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.

Locate Authentication server properties and change the values as necessary:

# Authentication server properties
#

# Specify the Authentication server location.
# IP address or domain name.
authentication.server.ip=127.0.0.1

# Specify the Authentication server port.
authentication.server.port=8443

# Specify rest protocol (http or https) depending on the Authentication server setup.
authentication.server.protocol=https

If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

If you have configured authserver to use HTTP or to run on a different port, make sure that the URI reflects the correct values.

Configuring remote Teamwork Cloud server

To configure remote Teamwork Cloud server

Open the webappplatform.properties file at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.

Locate Teamwork Cloud server properties and change the values as necessary:

# Specify the Teamwork Cloud IP address or domain name.
twc.ip=127.0.0.1

# Specify rest protocol (http or https) depending on the Teamwork Cloud server setup.
twc.rest.protocol=https

# Specify the Teamwork Cloud rest API port.
twc.rest.port=8111

Please ensure these credentials for twc.admin.username and twc.admin.password match those of a user with administrative privileges.

If you are accessing via a hostname or FQDN, especially if you are using a signed certificate, use the applicable FQDN or hostname instead of the IP address.

If you have configured Teamwork Cloud to use HTTP or to run on a different port, make sure that the URI reflects the correct values.

If you change any of the configuration parameters, you will need to restart the WebApp service.

Configuring remote Zookeeper service discovery server

To configure remote Zookeeper service discovery server

Open the webappplatform.properties file at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.

Locate Platform service discovery related properties and change the values as necessary:

# Specify the Zookeeper server IP address.
zookeeper.server.ip=127.0.0.1
# Specify the Zookeeper server port.
zookeeper.server.port=2181
# Specify zk node where ZooKeeper registers applications
zookeeper.base.service.path=/services
# Enable or disable service discovery. Enabled if the property does not exist
service.discovery.enabled=true
# Indicates path of services. Specify / if all services are deployed on the same Tomcat.
service.uri=/
# Enables or disables ACLs of ZooKeeper nodes under zookeeper.base.service.path. To use this functionality,
# skipACL must be set to no in the ZooKeeper configuration file, which is <zookeeper-home>/conf/zoo.cfg by default
#zookeeper.acl.enable=false
#zookeeper.acl.username=zkuser
#zookeeper.acl.password=zkpassword
# One of: all, read, write, create, delete, admin. If not set, the all permission will be used
#zookeeper.acl.user.permissions=all

Configuring remote FlexNet license server for Web Application Platform services

You can configure a remote FlexNet license server for Web Application Platform services, such as Cameo Collaborator or Server-side simulation.

To configure remote FlexNet license server for Web Application Platform services

Open the webappplatform.properties file at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.

Locate FlexNet/DSLS server properties and change the values as necessary:

# Specify if you want to use the FlexNet or DSLS framework (the default value is FlexNet).
license.framework=FlexNet

# Specify the FlexNet/DSLS license server IP:Port address.
# If the value of the 'license.dsls.server.mode' property is ORGANIZATION_DEFINED, address will be read from the DSLicSrv.txt file.
license.server=

Changing client port

To change remote FlexNet license server

Open the webappplatform.properties file at <install_root>/WebAppPlatform/shared/conf/webappplatform.properties.
Locate Teamwork Cloud server properties and change the value as necessary:
# Specify the Teamwork Cloud client API port. twc.client.port=3579

Setting web server protocol (HTTPS to HTTP)

By default, in order to enforce a higher level of security, web services are accessed via HTTPS. In order to change the mode of operation to HTTP, various configuration changes must be made.

We do not recommend changing HTTPS to HTTP. Perform this only if necessary.

The default port for web services is 8443. In this example, we will make the changes necessary to run over HTTP on the default port of 8443.

The WebApp server configuration is located in <install_root>/WebAppPlatform/conf/server.xml.

Locate the following connector executor section:

<Connector executor="tomcatThreadPool"
           port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />

Edit the section as shown below:

<Connector executor="tomcatThreadPool"
           port="8443" protocol="HTTP/1.1"
           connectionTimeout="20000" />

The modifications consist of changing the port from 8080 to 8443, and removing a redirect that would route to the handler on port 8443.

Since we have configured this connector to listen on port 8443, we now need to remove the existing connector handler on port 8443.

Locate the following connector section (text shown below is truncated):

Teamwork Cloud and Services 2024x Refresh3 > Advanced services configuration > connector.jpg

Comment out the entire section as shown:

Teamwork Cloud and Services 2024x Refresh3 > Advanced services configuration > connector_2.jpg

By default, due to security reasons, we have established a security policy requiring access to be encrypted. To disable this, we need to edit <install_root>/WebAppPlatform/conf/web.xml. This section is located at the very bottom of the file.

The following section:

<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

needs to be edited as follows:

<security-constraint>                             
    <web-resource-collection>                      
        <web-resource-name>webapp</web-resource-name>
        <url-pattern>/*</url-pattern>                    
    </web-resource-collection>                              
    <user-data-constraint>                          
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>

where transport-guarantee is changed to NONE.

Next, update the configuration files to reflect the change in protocol.

In <install_root>/WebAppPlatform/shared/conf/authserver.properties: change addresses listed in authentication.redirect.uri.whitelist to HTTP.
In <install_root>/WebAppPlatform/shared/conf/webappplatform.properties: change authentication.server.protocol to HTTP.
- Optionally, set twc.rest.protocol to HTTP if the Teamwork Cloud service will also switch protocol.
In <install_root>/TeamworkCloud/configuration/application.conf: set url for esi.auth to the HTTP address for authentication server (e.g. url="http://<authserver>:8443")
- Optionally, set ssl enabled to false esi.http if the Teamwork Cloud service will also switch protocol.

Restart all Teamwork Cloud services after changes are saved. Access web addresses via HTTP once services are restarted.

Please also see more detailed instructions at https://tomcat.apache.org/tomcat-10.0-doc/ssl-howto.html.

Changing Web Application Platform port

The default port of Web Application Platform is 8443. You can change this port if needed by editing the server.xml file in <install_root>/WebAppPlatform/conf. The example below reconfigures web services to run HTTPS via port 8444, instead of 8443.

Locate this code section:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
                   sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
                   maxThreads="150" SSLEnabled="true">
            <SSLHostConfig sslProtocol="TLS"
                           protocols="TLSv1.2"
                           honorCipherOrder="true"
                           certificateVerification="none"
                           ciphers="..." >

Replace the port number:

<Connector port="8444" protocol="org.apache.coyote.http11.Http11NioProtocol"
                   sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation"
                   maxThreads="150" SSLEnabled="true">
            <SSLHostConfig sslProtocol="TLS"
                           protocols="TLSv1.2"
                           honorCipherOrder="true"
                           certificateVerification="none"
                           ciphers="..." >

The only change is the definition of the port number, which changed from 8443 to 8444.

Update authentication.redirect.uri.whitelist in <install_root>/WebAppPlatform/shared/conf/authserver.properties to reflect the port change.
Update authentication.server.port in <install_root>/WebAppPlatform/shared/conf/webappplatform.properties to reflect the authentication port change.
Provide new authentication address for twcloud service in <install_root>/TeamworkCloud/configuration/application.conf. Under esi.auth, specify url like this example:
# Authentication Server address esi.auth { # Authentication Server base URL. url = "https://<server-address>:8444"