Intelligence Web Server Config
Introduction
This manual describes the configuration of the server-side components of the GBS Intelligence application. Intelligence is a web application that performs searches on GBDS database to match textual values in identifiers.
The configuration procedure should be done only after the installation step. For more information, refer to GBS Apps Setup Manual.
Configuration
The configurations steps are:
Configure Tomcat;
Configure Certificates;
Generate encrypted password;
Configure the config.properties file and Intelligence ip and port;
All steps are described below. An example config.properties file is found in the Configuration File Example section.
All lines must be present in the configuration file. Commenting or deleting lines may cause unexpected behavior. For further information, contact Griaule Support Team.
Tomcat Configuration
Edit the Tomcat configuration file to configure the certificates and port that the application will use.
vi /var/lib/tomcats/intelligence/conf/server.xmlTo change the port, look for Connector port=. This is the port for the backend operations.
Certificates Configuration
To enable SSL authentication, search for connector port= in the file /conf/server.xml.
There are two entries. The commented one is the configuration for SSL. Remove the comment delimiters <!-- and -->, and adjust these settings:
port="58194"
keystoreFile="/home/griaule/keystore"
keystorePass="password"
keyAlias="1"
clientAuth="true"
truststoreFile="/home/griaule/keystore"
truststorePass="password"The parameter port should be the desired network port for the application.
Change the path of keystoreFile and truststoreFile to the proper values. Do the same for keystorePass and truststorePass.
The parameter clientAuth="true" will require authentication from server-side to client-side and from client-side to server-side. This means that the client will need to import the certificate in the browser to be able to access the application.
When clientAuth is set to true, the system administrator must provide the certificate.pfx file for the end-users.
Database password encryption
In the config.properties file, the jdbc.password parameter is an encrypted password. To generate the encrypted password, perform the following steps:
Go to the following directory:
cd /var/lib/tomcats/intelligence/webapps/gbs-intelligence-server/WEB-INF/libExecute the command:
java -cp gbs-common-db-<version>.jar com.griaule.commons.util.EncryptUtil <desiredPassword>The encrypted password will be displayed after the message: “Encrypted password is:”
Application properties file
To configure the application properties file, open with:
vi /var/lib/tomcats/intelligence/conf/config.propertiesThe most important changes in this configuration file are the jdbc.url, jdbc.username, jdbc.password and gbds.url properties. Configure the parameters according to the environment.
The complete configuration file is shown in the Configuration File Example section.
Intelligence Configuration
The last step is configuring IP and port of the application that the end-user will access. It must be the same IP and port configured in the Tomcat Configuration section.
intelligence.ip=<ip>
intelligence.port=<port>
intelligence.protocol=<protocol>Make sure that the intelligence.ip, intelligence.port, and intelligence.protocol configuration parameters are correctly specified in the config.properties file. In many cases, the IP will be the same for various applications. However, each application will have a different and unique port.
Finish Configuration
After all configuration steps are complete, go back to the GBS Apps Setup Manual - Configuration Section.
Configuration File Example
This section shows an example of the config.properties file.
# /$$$$$$ /$$ /$$ /$$$$$$$$ /$$$$$$$$ /$$ /$$ /$$$$$$ /$$$$$$ /$$$$$$$$ /$$ /$$ /$$$$$$ /$$$$$$$$
# |_ $$_/| $$$ | $$|__ $$__/| $$_____/| $$ | $$ |_ $$_/ /$$__ $$| $$_____/| $$$ | $$ /$$__ $$| $$_____/
# | $$ | $$$$| $$ | $$ | $$ | $$ | $$ | $$ | $$ \__/| $$ | $$$$| $$| $$ \__/| $$
# | $$ | $$ $$ $$ | $$ | $$$$$ | $$ | $$ | $$ | $$ /$$$$| $$$$$ | $$ $$ $$| $$ | $$$$$
# | $$ | $$ $$$$ | $$ | $$__/ | $$ | $$ | $$ | $$|_ $$| $$__/ | $$ $$$$| $$ | $$__/
# | $$ | $$\ $$$ | $$ | $$ | $$ | $$ | $$ | $$ \ $$| $$ | $$\ $$$| $$ $$| $$
# /$$$$$$| $$ \ $$ | $$ | $$$$$$$$| $$$$$$$$| $$$$$$$$ /$$$$$$| $$$$$$/| $$$$$$$$| $$ \ $$| $$$$$$/| $$$$$$$$
# |______/|__/ \__/ |__/ |________/|________/|________/|______/ \______/ |________/|__/ \__/ \______/ |________/
# ***********************************************************************************************************************
# DATABASE (RDB)
jdbc.driverClassName=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://<db-ip>:3306/sphinx?useSSL=false
jdbc.username=<db-username>
jdbc.password=<db-password>
jdbc.dialect=org.hibernate.dialect.MySQLDialect
jdbc.showSql=false
# ***********************************************************************************************************************
# GBDS CONNECTION (& AUTHENTICATION LDAP ONLY)
gbds.url=http://<gbds-ip>:8085
gbds.user=<gbds-username>
gbds.key=<gbds-password>
gbds.logLevel=INFO
gbds.timeout=300
gbds.intelligenceUser=intelligence_server
# ***********************************************************************************************************************
# INTELLIGENCE * GUI
intelligence.ip=<intelligence-ip>
intelligence.port=8122
intelligence.protocol=http
locale=en_us
# ***********************************************************************************************************************
# INTELLIGENCE * CONFIGURATION
biometric.modules=FINGERPRINT,FACE
fingerprint.useSDK=true
highlight.labels=
listFields=KEY:documentID
pollingPagination.size=20
pollingPaginationMode=true
profile.cacheSize=100
same.user.simultaneous.login=false
server.standalone.port=8085
sync.logLevel=INFO
# ***********************************************************************************************************************
# ADDITIONAL CONFIGURATION
listFields=KEY:documentID
alwaysSearchExternalIDS=falseLast updated