CM/Archive
CM/Archive is a ConSol CM extension which allows to archive tickets from ConSol CM. It is a separate Java web application with a MongoDB database.
Installing and setting up the MongoDB database
The first step is to install the MongoDB. You can find a detailed description in the respective MongoDB documentation for your operating system:
- Linux: https://www.mongodb.com/docs/manual/administration/install-on-linux/
- Windows: https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-windows/
The next step is to configure the CM/Archive user with the corresponding authentication. Please proceed as follows:
-
Start the MongoDB instance without authentication
Use the following command to start the MongoDB instance without authentication:
mongod --port 27017 --dbpath /data/archiveThe
mongodoptions have the following meaning:--port: Indicates the database connection port. The default value is 27017.--dpath: Defines the directory where the MongoDB instance stores its data. The default value is/data/dbon Linux and macOS, and\data\dbon Windows.--bind_ip: Use this option to provide the IP address if you want to change the default value (localhost, 127.0.0.1).
Please see the mongod documentation for further information about the options.
-
Connect to the MongoDB instance
Use the following command to connect to the MongoDB instance:
mongo --host 127.0.0.1:27017The following output should be displayed:
MongoDB shell version v3.6.4
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.6.4
> -
Create the administrator user
The administrator user has to be created in the
admindatabase with the roleuserAdminAnyDatabase. The administrator user has only permissions to create and manage users and roles. It cannot be used for any other operations, e.g., reading data. The following command can be used to create the administrator user:use admin
db.createUser(
{
user: "admin",
pwd: "consol",
roles: [ { role: "userAdminAnyDatabase", db: "admin" } ]
}
) -
Restart the MongoDB instance with access control
Disconnect the MongoDB shell and restart it with the
--authoption or, if you use a configuration file, thesecurity.authorizationsetting. The following command can be used to restart the MongoDB instance:mongod --auth --port 27017 --dbpath /data/archiveClients that connect to this instance must now authenticate themselves as a MongoDB user. They can only perform actions as determined by their assigned roles.
-
Connect with the administrator user
Use the following command to connect to the MongoDB instance with the above created administrator user:
mongo --host 127.0.0.1:27017
use admin
db.auth("admin", "consol") -
Create the CM/Archive user
Create the CM/Archive user
archivewith the databasearchivedbusing thedb.createUser()command. The user needs to have thereadWriterole, as shown in the following example:use admin
db.createUser(
{
user: "archive",
pwd: "consol",
roles: [ { role: "readWrite", db: "archivedb" } ]
}
) -
Connect with the CM/Archive user
Use the following command to connect to the MongoDB instance with the above created CM/Archive user:
mongo --host 127.0.0.1:27017
use admin
db.auth("archive", "consol")
use archivedb
Installing and setting up the CM/Archive application
CM/Archive is a Spring boot application which can be deployed in an application server or executed as a standalone Java application.
You need to make the following settings in the archive-prod.properties files which needs to be saved in the same directory as the jar file of CM/Archive.
The following list states the meaning of the properties:
- archive.cm6.endpoint: This is the URL and port where the ConSol CM instance is executed.
- archive.oauth2.access.token.signing.key: Secret shared between the authorization server and client application using OAuth2, needs to match the ConSol CM system property
cmas-auth-server, access.token.signing.key - archive.oauth2.client.secret: Secret shared between the authorization server and CM/Archive, needs to match the ConSol CM system property
cmas-auth-server, client.archive.secret - archive.mongodb.database.name: This is the name of the MongoDB database as created in step 6 above.
- archive.mongodb.uri: Username and password of the CM/Archive user, and URL of the MongoDB instance
Example configuration:
archive.cm6.endpoint=http://127.0.0.1:8888
archive.oauth2.access.token.signing.key=94623427-5a74-11e8-a6eb-6127838b1c93
archive.oauth2.client.secret=94623428-5a74-11e8-a6eb-6127838b1c93
archive.mongodb.database.name=archivedb
archive.mongodb.uri=mongodb://archive:consol@127.0.0.1:27017/?&journal=true&w=majority&maxPoolSize=1000
Setting the system properties for CM/Archive in the Web Admin Suite
You need to make the following settings on the System properties page of the Web Admin Suite:
Module cmas-archive-core-server:
- archive.uri: URL from which the CM/Archive application can be accessed.
Module cmas-auth-server:
- access.token.signing.key: Secret shared between the authorization server and client application using OAuth2, needs to match
archive.oauth2.access.token.signing.keyin the configuration file. - client.archive.access.token.validity.seconds: Validity period in seconds of the access token required for using CM/Archive, default 43200.
- client.archive.refresh.token.validity.seconds: Validity period in seconds of the refresh token required for obtaining new access tokens for CM/Archive, default 2592000.
- client.archive.secret: Secret shared between the authorization server and CM/Archive, needs to match
archive.oauth2.client.secretin the configuration file.
Starting CM/Archive
You can start CM/Archive using the following command:
java -jar cm-archive-$VERSION.jar --spring.profiles.active=prod
By default, CM/Archive starts on port 8080. You can choose a different port by adding, e.g., --server.port=8090 to the command.
Alternatively, you can create a start script for CM/Archive. Please contact the ConSol CM support for an example.