Looking for a new opportunity? Why not work somewhere great? Learn more

Webmethods Command Central 9.5 User configuration

Home > Blogs  > Webmethods Command Central 9.5 User configuration

11 Jul Webmethods Command Central 9.5 User configuration

Posted at 16:35h in Blogs by
0 Likes
Introduction:
Command central is one of the new components from WebMethods 9.0
It helps you monitor and manage your environment in one visual tool.
This compononent is growing with each version.

The way the user management works is a bit different from the other components.
A big part of this is being done using commands or by manually copie files to other location.
 

USER ARCHITECTURE

1.       Local Administrator user in users.txt  will have same password on all environments
2.       This user is used to connect to SPM and its components !
3.       To connect to IS, MWS and other user protected CI, local administrator of that component will be used.
4.       LDAP is used to authorize CCE access trough roles4
 

Configure local Users when Administrator password changes: 

The configuration is done using Command Central(cce) commands:
Set the CC_CLI_HOME environment variable to the following directory:
Software AG_directoryCommandCentralclient

1. Change the command central password by running.

C:SoftwareAGcommonbin>internaluserrepo.bat -f ../conf/users.txt -p manage1 Administrator

2. Update configuration data for all nodes

When this is done, the node will become green on “Installations Tab”

cc update configuration data {destination nodeAlias} OSGI-SPM-ENGINE SIN-INTERNAL-USERS-users.txt -i D:CCE_95commonconfusers.txt

 

Password to be used is password in users.txt at that moment on the Node_ALIAS
this will copy users.txt to the destination alias
OR You can also copy 3 files from CCE_95 to node =
Users.txt
Roles.txt
Groups.txt
When you don’t define a specific node, it will try to apply it to all nodes.
RESTART OF SPM ON DESTINATION SERVER IS NEEDED

3. Create creds.xml

cc get security credentials –format xml –server http://localhost:8090/cce –output d:creds.xml
Change password credentials to current CCE password.
save creds.xml
 
<?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes” ?>
<userCredentials>
<userName>Administrator</userName>
<authenticationType>BASIC</authenticationType>
<password>passwordincleartext</password>
</userCredentials>

3.1 Execute the below to fix the communication between CCE and all SPM

When this is done SPM will be green on Instances Tab only
 
cc add security credentials runtimeComponentId=OSGI-SPM -i D:/creds.xml -f xml
D:CCE_95CommandCentralclientbin>cc add security credentials runtimeComponent
Id=OSGI-SPM -i ./creds.xml -f xml
Password:
POST http://localhost:8090/cce/security/credentials?runtimeComponentId=OSGI-SPM
returned a response status of 200 OK

4. Execute next command to fix the communication between SPM and all other OSGI platform products

When this is done all components using Adminstrator PWS combination will be green (NerV , Web server…)
Other Components like IS and MWS there you need to set the password manually trough WebInterface of CCE
 
cc add security credentials runtimeComponentId=OSGI-* -i D:/creds.xml -f xml
D:CCE_95CommandCentralclientbin>cc add security credentials runtimeComponent
Id=OSGI-* -i ./creds.xml -f xml
Password:
POST http://localhost:8090/cce/security/credentials?runtimeComponentId=OSGI-* re
turned a response status of 200 OK

NOTE:
In 9.5 ALL SPM’s must have the same Administrator password otherwise CCE cannot connect to them.

LDAP Configuration

Copy file from DEV / SYS :
Jaas.conf
Or adjust it:
com.softwareag.security.jaas.login.internal.InternalLoginModule optional
// LDAP config started
                                    com.softwareag.security.sin.is.ldap.lm.LDAPLoginModule optional
                                    url=”ldap://ldapserver:ldapPort
                                    prin=”cn={ldap info},o={ ldap info }
                                    cred=”********”
                                    gidprop=”cn”
                                    uidprop=”cn”
                                    usecaching=”false”
                                    userrootdn=”ou=={ ldap info },o=={ ldap info }
                                    mattr=”uniquemember”
                                    memberinfoingroups=true
                                    grouprootdn=”ou=={ ldap info },o=={ ldap info }
                                    groupobjclass=”groupofnames”
                                    creategroups=true
                                    personobjclass=”person”;
            // LDAP config ended
Copy this file to SPM to keep in mind to change path to local files!
Or you will have some strange effects.
 
 
+ Adapt roles.txt to LDAP:
 
[groups]
group:”Administrators”=superadmin
group:”DEVAdministrator”=superadmin
group:”DEVDeveloper”=readonlyadmin
group:”DEVMonitorAdministrator”=readonlyadmin



Apply for these jobs
Working at i8c

i8c is a system integrator that strives for an informal atmosphere between its employees, who have an average age of approx 30 years old. We invest a lot of effort in the professional development of each individual, through a direct connection between the consultants and the management (no multiple layers of middle management). We are based in Kontich, near Antwerp, but our customers are mainly located in the triangle Ghent-Antwerp-Brussels and belong to the top 500 companies in Belgium (Securex, Electrabel, UCB, etc…).

Quality Assurance

i8c is committed to delivering quality services and providing customer satisfaction. That’s why we invested in the introduction of a Quality Management System, which resulted in our ISO9001:2000 certification. This guarantees that we will meet your expectations, as a reliable, efficient and mature partner for your SOA & integration projects.

i8c - ISO9001-2015