Ceptor - Get a Free Trial

Configuration Quick-Guides

Owned by Kim Rasmussen
Last updated: Jan 22, 2019 by Patrick Ahmed (Unlicensed)
4 min read

Adding a New Server to the Dispatcher

To add a new server to the dispatcher, follow these steps;

  1. Go to the Configuration, and select the “dispatchers” abstract server entry.
  2. Click on the group “Alternate web servers”
  3. Add the following properties (xxxx is a logical name of your new server, like “appstuff”
    1. “alternateserver.xxxx.targets” Must contain a list of one or more mirrored servers that host this application. Example: “hostname1:8080,app1;hostname2:8080,app2”
    2. “alternateserver.xxxx.pingurl” Must point to an URL on the servers that returns HTTP code 200 if the server is up – anything else is considered to be an indication that the server is down. Example: “/app/pingServlet”
  4. Optionally add the other parameters for an alternate server, e.g. “alternateserver.xxxx .urlLoginRequired” or “alternateserver.xxxx.concurrentConnectionsLimit” listed in the configuration reference section of this document.
  5. Modify the “alternateservers” property, and add the new server “xxxx” (replace xxxx with the logical name you selected)
  6. Create a “serverrule.xx”where xx is the next number in the sequence. It should look like this example: “serverrule.xx=xxxx;host=1234.portalprotect.dk” where xxxx is the logical name of the alternate server you selected, and 1234.portalprotect.dk is replaced with the real hostname.
  7. Remember that names ARE case sensitive by default, and the ping URL must match the case of the URL on the server exactly. Most of the entries are optional, if not specified then the default will be used. The default in each case is the configuration parameter with the same name (without the alternateserver.xxxx.), e.g. the default for alternateserver.xxxx .urlAuthenticationFailedRedirect is taken from urlAuthenticationFailedRedirect.

If you need to ignore case on the comparisons, you can type the serverrule as “serverrule.xx=ignorecase;xxxx;host=1234.portalprotect.dk” – this means that if “ignorecase;” is specified before the rest of the string, then case will not matter in the comparisons.
Also note that you can use wildcard matching, e.g. host=*.portalprotect.dk.
Refer to the detailed list of configuration entries at the end of this document for more in-depth details of the format of each configuration entry.
After adding the server, you can verify its status by viewing the Server Status on one of the dispatcher servers. There you can scroll down past the ACL History, and see the current status of the configured servers.

Adding a New Agent to the Ceptor Server

This section describes how to add a new Ceptor Agent, such as the one inside the WebLogic security plugins to the Ceptor Server.

  1. Go to the Ceptor Console, and select Configuration right-click in the server view and add a new server entry.
  2. Enter the name you want for the new server, such as “someapplication1”, along with a description of it.
  3. Enter “webserver” in the type field.
  4. Type “webservers” (notice the plural) in the extends field, if your configuration contains an entry called “webservers” already.
  5. Create the new entry.
  6. Now, you have added a new server entry to Ceptor, you will also need to add a few configuration properties to it. Select the server name you have just created, e.g. “someapplication1”.
  7. Click on the name, right click and “Add new group”, enter “general” in the group name, and save it.
  8. If you have any properties you need to define, you can now add them here.
  9. Select the server entry “configservers”
  10. Expand the group “Security”, and select the property “remote.servers”, now add the IP address or hostname of the computer where the agent is installed to the list.
  11. If you want to restrict access to this configuration entry to a specific list of clients, also ensure that the IP address or hostname is in the list in “configuration.remote.servers” for the new "someapplication1" application you created.

Comparing New and Old Configuration Files

Every time the configuration file is changed a backup of that configuration file is made by the Ceptor configuration server in a directory called “configuration-backup” located where the Ceptor configuration file is. The Ceptor configuration server saves up to 50 backups of the configuration.

Comparing Configuration Files on the Command Line

It is possible to compare different Ceptor configuration files on the command line. A diff tool provides you with the capability to do this manually but also in build scripts and batch jobs since the diff tool process will return mixed values based on the compare result.

You can execute the java class: dk.itp.util.diff.ConfigDiff – it will print its usage information similar to the following:
dk.itp.util.diff.ConfigDiff usage
dk.itp.util.diff.ConfigDiff [options] <file1> <file2>
Compares PortalProtect configuration XML files. 
Will show different servers, and different configuration entries the in same servers
Options:
 -noextends Do not resolve recursive extends.
 -noabstract Ignore servers of type "abstract".
 -nofileinfo Use this if file information should not be shown
 -nokeydiff Use this if the property keys should not be matched
 -novaluediff Use this if the property values should not be matched
 -nostatusprint do not print status to the given output (overrides all)
 -novaluesonkey do not print out values on key diff
 -novaluesonvalue do not print out values on value diff
 -notrimvalue do not trim the value length when sending to output
 newfile The new file to load
 oldfile The old file to compare to
Example:
java dk.itp.util.diff.ConfigDiff ceptor-configuration.xml ceptor-configuration.xml.backup

Example:
java –classpath PortalProtectAgent.jar;log4j.jar dk.itp.util.diff.ConfigDiff ceptor-configuration.xml /productionbackup/ceptor-configuration.xml

This will compare the configuration located in the current directory with the one in the /productionbackup directory.

When using the ConfigDiff from a batch file or a build script it is possible to react on these different process return codes:

  • 0 – Configuration input files match
  • 1 – Configuration input files do not match
  • 5 - Parameters are incorrect for program to start (not enough or not known)
  • 10 - unexpected startup error (class not found or similar)
  • 20 - unable to load a file given from an argument
  • 30 - unable to read configuration from the given file (file may be lock or simply unreadable)


© Ceptor ApS. All Rights Reserved.