Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Content layer
id1974282504


Content column
id1974282506


Content block
id1974282505

The configuration settings described in this section are optional. You only need to configure them if the default setting is not suitable for your environment. The Teamwork Cloud (TWCloud) system will load the configuration file every time it starts. Therefore, changes made to the configuration file will be applied once you restart it.

Table of Contents

Setting a TWCloud password for authentication with the  Authentication Server

TWCloud Admin uses an Authentication Server to authenticate users. TWCloud Admin needs a password to access /token endpoint of the Authentication Server. You need to specify the same password that is entered in the authentication server's configuration file authserver.properties (in the parameter authentication.client.secret). The default value is CHANGE_ME.

esi.console {
....
#
# The console client password parameter.
client {
pswd = "CHANGE_ME"
}
...
}

Changing a log file location

You can configure the logging system of TWCloud by using logback.xml. This file is located in the folder configuration of the TWCloud. You can change the name or location of the file by editing the following line in the file logback.xml

  • In TWCloud, look for the following line:

<file>${user.home}/.twcloud/19.02021x/server.log</file>

When changing the log file name and location, you need to be sure that the user account to your Operating System (OS) that you will use to start TWCloud has the write permission in the new configured location. To learn more about logback configuration, see http://logback.qos.ch/manual/configuration.html.

Setting a server port

The default port number of TWCloud for the client to connect to is 3579. However, the port number is changeable. If you would like to change the default port number, for example, to 3580, you can configure this in the TWCloud configuration file, application.conf Search for the content shown below, and edit as follows:

Code Block
languagetext
net
	{
		connectors = [
			{
				# The ip address to bind to (for client connection).
				# The default value is bind to all IPs.
				host = "0.0.0.0"
				
				# Port for client application to connect to. The default value is 3579.
				# This is corresponding to the port specified when connecting from client such as MagicDraw. 
				port = 3580


The configuration file, application.conf, is located in the directory configuration under the TWCloud program folder. For example, /opt/TeamworkCloud/TWCloud/configuration/application.conf. The configuration file is in HOCON format ("Human-Optimized Config Object Notation"). For more information about HOCON file format, visit the following link https://github.com/typesafehub/config/blob/master/HOCON.md#syntax.

Please note that MagicDraw is considered as a client of TWCloud. Consequently, if you change this setting, you will have to specify the port number while connecting from MagicDraw.

Setting a public IP

If TWCloud is deployed in the environment where the client will connect to the server via a public IP (NATed to a private IP), set the parameter server-broadcast-host to the public IP address and host to the private IP. Search for the content in application.conf and edit as follows:

Code Block
languagetext
net
	{
		connectors = [
			{
				# The ip address to bind to (for client connection).
				# The default value is bind to all IPs.
				host = "0.0.0.0"
				
				# Port for client application to connect to. The default value is 3579.
				# This is corresponding to the port specified when connecting from client such as MagicDraw. 
				port = 3579
				
				protocol = "raw"
			}
		]
		
		# To support deploying TWCloud in private network, but client connects from public network,
		# Specify IP address that will be used by client to connect to this TWCloud from public network.
		# This value will be default to esi.net.host if it is empty.
		# server-broadcast-host is not recommended to use.
		server-broadcast-host = "PUBLIC_IP_ADDRESS"
	}

Setting Cassandra authentication

If you configure Cassandra authentication via username/password, you need to configure TWCloud server and Authentication server as follows:

Go to <TWC installation folder>/configuration/application.conf

In the application.conf file search for the following section. Set authentication-enabled to true and set username and password.

 # Enable this section to enable the cassandra authentication. 
authentication-enabled = false 
username = cassandra 
password = cassandra

Go to <TWC installation folder>/AuthServer/conf/authserver.properties

In the authserver.properties file Search for the following lines and remove # and specify the username and password.

#cassandra.username=cassandra
#cassandra.password=cassandra

Configuring secure SSL communication between TWCloud and Cassandra

You can set up secure communication between TWCloud and Cassandra. For this, you need to configure application.conf (Teamwork Cloud side) and cassandra.yaml (Cassandra side) files. 

Configuring application.conf

  1. Locate and open the application.conf file.
  2. Search for the following section:

    Code Block
    # Secure connection with SSL between Cassandra and TWCloud
    esi.security {
        cassandra {
            enabled = true
        	keystorePath = "<TWC installation folder>/configuration/keystore.p12"
        	keystoreType = "<keystore_type>"
        	keystorePassword = "<keystore_password>"
        	truststorePath = "<TWC installation folder>/configuration/keystore.p12"
            truststoreType = "<truststore_type>"
            truststorePassword = "<truststore_password>"
        }
    }
  3. Configure the properties, as shown in the example above:

    • enabled = true
    • keystorePath = <TWC installation folder>/configuration/keystore.p12
    • keystoreType = <keystore_type>
    • keystorePassword = <keystore_password>
    • truststorePath = <TWC installation folder>/configuration/keystore.p12
    • truststoreType = <truststore_type>
    • truststorePassword = <truststore_password>
  4. Save the changes. 

Configuring cassandra.yaml

  1. Locate and open the cassandra.yaml file.

  2. Configure the following properties:
    client_encryption_options: 

    • enabled: true
    • optional: false

      Note

      If enabled and optional are set to true, encrypted and unencrypted connections are handled.

    • keystore:  <TWC installation folder>/configuration/keystore.p12
    • keystore_password: <keystore_password>
    • require_client_auth: true
  3. If require_client_auth is set to true, set truststore and truststore_password:
    • truststore: <TWC installation folder>/configuration/keystore.p12
    • truststore_password: <truststore_password>
  4. Use these advanced defaults:
    • protocol: TLS
    • algorithm: SunX509
    • store_type: PKCS12


Content block
id1974282503

Related pages



...