Setup communication between OnePart and 3DPassport

You must follow the procedures below to setup OnePart in 3DDashboard and inside CATIA. URL variables used:

This task shows you how to:

Trust 3DPassport's SSL certificate

OnePart must be able to communicate with the 3DPassport (CAS authentication server). As communication with 3DPassport is done using an HTTPS connection, the SSL certificate of the 3DPassport must be known by OnePart.

  1. Open PASSPORT_URL in a browser.
  2. Save the server certificate to ONEPART_INSTALLDIR\DATADIR\security.
  3. Use keytool utility to import certificate to OnePart keystore:
    1. cd to ONEPART_INSTALLDIR\datadir\security folder
    2. run ..\..\software\cloudview-installdir\amd64-win64\java-jre\bin\keytool.exe -importcert -alias passport -file passport.cert -keystore trusted.servers.ks
    3. When prompted for the keystore password, type exalead.
  4. Restart OnePart.

Use 3DPassport for authentication

The OnePart back-end must be setup to match the installation URLs of 3DPassport and OnePart. In order for OnePart to use 3DPassport for authentication, you must disable the native authentication as follows.

  1. Edit ONEPART_INSTALLDIR\datadir\config\CustomConfigs.xml
  2. Edit the casSecurity custom configuration:
    1. Look for the line <CustomConfig name="casSecurity">
    2. Edit the configuration to meet your needs (replace PASSPORT_URL and ONEPART_EXTERNAL_URL by their actual values). See CAS Security code sample below.
  3. For the embedding custom configuration:
    1. Look for the line <CustomConfig name="embedding">
    2. Change the securityProvider value from appSecurity to casSecurity for the default profile. See Embedding code sample below.
  4. Run ONEPART_INSTALL\datadir\bin\buildgct.exe and restart OnePart.

    This can be done from the Exalead CloudView Administration Console, or by restarting the service.

CAS Security - CustomConfig.xml

For OnePart in 3DDashboard, you must update the URL variables for casSecurity.

<!-- List of parameters to override CAS security provider configuration -->
<CustomConfig name="casSecurity">
    <ns2:KeyValue key="className" value="CAS"/>
    <ns2:KeyValue key="authenticateTo" value="NONE"/>
    <ns2:KeyValue key="source" value="cas_filter"/>
    <ns2:KeyValue key="casTicketValidationFilter" value="Cas20" />
    <ns2:KeyValue key="AllowProxyTickets" value="true"/>
    <ns2:KeyValue key="casServerLoginUrl" value="PASSPORT_URL/login"/>
    <ns2:KeyValue key="casServerUrlPrefix" value="PASSPORT_URL"/>
    <ns2:KeyValue key="casServerLogoutUrl" value="PASSPORT_URL/logout"/>
    <ns2:KeyValue key="serverName" value="ONEPART_EXTERNAL_ROOT_URL"/>
    <ns2:KeyValue key="displayNameAttributes" value="name;firstName,lastName"/>
</CustomConfig>

Embedding - CustomConfig.xml

For OnePart in 3DDashboard, you must change the securityProvider value from appSecurity to casSecurity for the default profile in the last line as shown below.

<CustomConfig name="embedding">
    <ns2:KeyValue key="profiles">
        <ns2:KeyValue key="default">
             <ns2:KeyValue key="actions">
                  <ns2:KeyValue key="download" value="true"/>
                  <ns2:KeyValue key="openInSource" value="true"/>
                  <ns2:KeyValue key="open" value="false"/>
                  <ns2:KeyValue key="insert" value="false"/>
                  <ns2:KeyValue key="replace" value="false"/>
                  <ns2:KeyValue key="share" value="true"/>
                  <ns2:KeyValue key="publish" value="false"/>
                  <ns2:KeyValue key="logout" value="true"/>
              </ns2:KeyValue>
              <ns2:KeyValue key="partFormatTraceparts" value="all"/>
              <ns2:KeyValue key="partFormat3dcc" value="all"/>
              <ns2:KeyValue key="useEventAPI" value="false"/>
              <ns2:KeyValue key="securityProvider" value="casSecurity"/>