On this page


The configuration settings described in this section are optional. You only need to configure them if the default setting is not suitable for your environment. The Teamwork Cloud system will load the configuration file every time it starts. Therefore, changes to the configuration file will be applied once you restart it.

The Teamwork Cloud service configuration file, application.conf, is located in <install_root>/TeamworkCloud/configuration/application.conf. This file is in HOCON format ("Human-Optimized Config Object Notation"). For more information about HOCON file format, visit the following link https://github.com/typesafehub/config/blob/master/HOCON.md#syntax.

To configure Cassandra authentication, please see chapter Cassandra authentication.

Setting a Teamwork Cloud password for authentication with the  Authentication Server

Teamwork Cloud Admin uses an Authentication Server to authenticate users. Teamwork Cloud Admin needs a password to access /token endpoint of the Authentication Server. You need to specify the same password that is entered in the authentication server's configuration file webappplatform.properties (in the parameter authentication.client.secret). The default value is CHANGE_ME

authserver.properties
esi.console {
....
#
 # The console client password parameter.
 client {
 pswd = "CHANGE_ME"
 }
...
}

Changing a log file location

You can configure the logging system of Teamwork Cloud by using logback.xml.

To change the name or location of the log files in logback.xml, locate <file> fields. When changing the log file name and location, you need to be sure that the user account to your Operating System (OS) that you will use to start Teamwork Cloud has the write permission in the new configured location. To learn more about logback configuration, see http://logback.qos.ch/manual/configuration.html.

Changing the client port

The default port number of Teamwork Cloud for the client to connect to is 3579. However, the port number is changeable. If you would like to change the default port number, for example, to 3580, you can configure this in the Teamwork Cloud configuration file, application.conf Search for the content shown below, and edit as follows:

application.conf
net
	{
		connectors = [
			{
				# The ip address to bind to (for client connection).
				# The default value is bind to all IPs.
				host = "0.0.0.0"
				
				# Port for client application to connect to. The default value is 3579.
				# This is corresponding to the port specified when connecting from client such as MagicDraw. 
				port = 3580

Please note that the modeling tool, such as MagicDraw, is considered as a client of Teamwork Cloud. Consequently, if you change this setting, you have to specify the port number while connecting from the modeling tool.

Setting a public IP

If Teamwork Cloud is deployed in the environment where the client will connect to the server via a public IP (NATed to a private IP), set the parameter server-broadcast-host to the public IP address and host to the private IP. Search for the content in application.conf and edit as follows:

net
	{
		connectors = [
			{
				# The ip address to bind to (for client connection).
				# The default value is bind to all IPs.
				host = "0.0.0.0"
				
				# Port for client application to connect to. The default value is 3579.
				# This is corresponding to the port specified when connecting from client such as MagicDraw. 
				port = 3579
				
				protocol = "raw"
			}
		]
		
		# To support deploying Teamwork Cloud in private network, but client connects from public network,
		# Specify IP address that will be used by client to connect to this Teamwork Cloud from public network.
		# This value will be default to esi.net.host if it is empty.
		# server-broadcast-host is not recommended to use.
		server-broadcast-host = "PUBLIC_IP_ADDRESS"
	}

Configuring secure SSL communication between Teamwork Cloud and Cassandra

You can set up secure communication between Teamwork Cloud and Cassandra. For this, you need to configure application.conf (Teamwork Cloud side) and cassandra.yaml (Cassandra side) files. 

Configuring application.conf

  1. Locate and open the application.conf file.
  2. Search for the following section:

    # Secure connection with SSL between Cassandra and Teamwork Cloud
    esi.security {
        cassandra {
            enabled = true
        	keystorePath = "<install_root>/configuration/keystore.p12"
        	keystoreType = "<keystore_type>"
        	keystorePassword = "<keystore_password>"
        	truststorePath = "<install_root>/configuration/keystore.p12"
            truststoreType = "<truststore_type>"
            truststorePassword = "<truststore_password>"
        }
    }
  3. Configure the properties, as shown in the example above:

    • enabled = true
    • keystorePath = <install_root>/configuration/keystore.p12
    • keystoreType = <keystore_type>
    • keystorePassword = <keystore_password>
    • truststorePath = <install_root>/configuration/keystore.p12
    • truststoreType = <truststore_type>
    • truststorePassword = <truststore_password>
  4. Save the changes. 

Configuring cassandra.yaml

  • Locate and open the cassandra.yaml file.

  • Configure the following properties:
    client_encryption_options

    • enabled: true
    • optional: false

      If enabled and optional are set to true, encrypted and unencrypted connections are handled.

    • keystore: <path_to_keystore>/keystore.p12
    • keystore_password<keystore_password>
    • require_client_authfalse
  • If require_client_auth is set to true, set truststore and truststore_password:
    • truststore<path_to_truststore>/keystore.p12
    • truststore_password<truststore_password>

      The require_client_auth setting is optional – it adds an extra layer of security by requiring the client to present its own certificate to the server (mutual TLS). However, this setting does not affect whether encryption is used for communication: if require_client_auth is set to false, the server does not require the client to present a certificate, but the communication is still encrypted as long as SSL/TLS is enabled.

  • Use these advanced defaults:
    • protocolTLS
    • algorithmSunX509
    • store_typePKCS12