Operations

This section explains how to perform post-installation operations for 3DPassport.

Note: When you install 3DPassport on Windows, if you choose to use embedded TomEE+, all the relevant settings (JVM, log paths, ..) can be found in the Windows registry under:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Apache Software Foundation\Procrun 2.0\3DPassport_R2022x

This task shows you how to:

Check that safetodelete.txt does not exist before starting the application server

For embedded TomEE+, check that the following file does not exist:

  • <3DPassportInstallPath>\win_b64\code\tomee\webapps\safetodelete.txt on Windows
  • <3DPassportInstallPath>/linux_a64/code/tomcee/webapps/safetodelete.txt on Linux.

For External TomEE+

  • <externalTomEEInstallPath>\webapps\safetodelete.txt on Windows
  • <externalTomEEInstallPath>/webapps/safetodelete.txt on Linux.

3DPassport SSO session timeouts

By default, the following timeouts applies for 3DPassport SSO session:

  • 2h (renewed each time you use it to SSO some service) if you don’t check the remember me check box at the login step.
    On the cloud only: the default SSO timeout is 24h.
  • 1 week if you check the remember me check box at the login step

You can change this policy by changing the properties.

  1. Edit 3DPassport cas.properties file:

    For external TomEE+ on Linux , go to <externalTomEEInstallPath>/webapps/3DPassport/WEB-INF/classes/cas.properties

    For external TomEE+ on Windows, go to <externalTomEEInstallPath>\webapps\3DPassport\WEB-INF\classes\cas.properties

    For embedded TomEE+ on Linux , go to<3DPassportInstallPath>/linux_a64/code/tomee/webapps/3DPassport/WEB-INF/classes/cas.properties

    For embedded TomEE+ on Windows, go to <3DPassportInstallPath>\win_b64\code\tomee\webapps\3DPassport\WEB-INF\classes\cas.properties

  2. Change server side and client side (browser/rich client cookies age) settings accordingly: 

    # client side cookie max age (in seconds): 
# only applies if you have set a hard timeout on server side
# value must be >= cas.session.timeout.hard
# default: 1 week
cas.cookie.maxAge=604800

    # client side cookie max age (in seconds): 
# value must be >= cas.session.timeout.rememberMe
# default value: 1 week
cas.cookie.rememberMeMaxAge=604800

    #server side session timeout (in milliseconds):
#this is a sliding window timeout, renewed each time SSO is performed
#default value: 2h
cas.session.timeout.sliding=7200000

    # server side session timeout (in milliseconds):
# this a hard window timeout, not dependent of user SSO activity
# default value: -1 (disabled)
cas.session.timeout.hard=-1

    # server side session timeout (in milliseconds):
# this a hard window timeout, not dependent of user SSO activity
# default value: 1 week
cas.session.timeout.rememberMe=604800000

  3. Start and Stop the external / embedded TomEE+ as described in this section.

Redeploy (when necessary) the 3DPassport service (stop / start TomEE+, archive)

  1. Through SSH, go to the TomEE+ instance installation path where the 3DPassport service is deployed.

    Note that, depending on you shutdown/startup script, you should be logged in as the applicative user dedicated for 3DPassport products.

  2. Stop TomEE+.

    For embedded TomEE+:

    • stop the 3DEXPERIENCE R2022x 3DPassport TomEE+ service on Windows
    • run: <3DPassportInstallPath>/linux_a64/code/tomee/bin/shutdown.sh -force on Linux.

    For external TomEE+, run:

    <externalTomEEInstallPath>\bin\shutdown.bat on Windows

    <externalTomEEInstallPath>/bin/shutdown.sh -force on Linux

  3. Kill the java process running this TomEE+ instance if shutdown failed.
  4. Delete recursively the subdirectory .\webapps\3dpassport/ on Windows or ./webapps/3dpassport/ on Linux.
  5. Restart TomEE+.

    For embedded TomEE+:

    • restart the 3DEXPERIENCE R2022x 3DPassport TomEE+ service on Windows
    • run: <3DPassportInstallPath>/linux_a64/code/tomee/bin/startup.sh on Linux.

    For external TomEE+, run:

    <externalTomEEInstallPath>\bin\startup.bat on Windows

    <externalTomEEInstallPath>/bin/startup.sh on Linux

    The subdirectory .\webapps\3dpassport\ on Windows or ./webapps/3dpassport/ on Linux should be recreated automatically.

Configure external TomEE+ Windows Service

External TomEE+ on Windows as a service needs additional configuration:

Edit the TomEE+ windows service settings by running the following command (with Administrator rights):

<3DDashboardInstallPath>\win_b64\code\command\ExternalTomEE_updateService.bat <TomEEServiceName>

This command line updates the external TomEE+ service registry.

Warning:
  • Executing this command-line several times would create duplicate setting entries in the registry.
  • The external TomEE+ service registry is not cleaned when uninstalling the 3DPassport application.

  • See the TomEE+ Windows service documentation pages for editing and cleaning the service settings stored at the following locations in the Windows Registry:

    • Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Apache Software Foundation\Procrun 2.0\<TomEEServiceName>\Parameters
    • Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Apache Software Foundation\Procrun 2.0\<TomEEServiceName>\Parameters\Java

Change Installation Parameters

You may need to change parameters defined during the latest 3DPassport installation.

Using the reconfiguration tool, you can modify the installation parameters without reinstalling the whole service.

For more information, see .Installation and Setup: Install: 3DEXPERIENCE Platform: Reconfiguring the 3DEXPERIENCE Platform Installation

Configure the 3DEXPERIENCE platform with a single FQDN

To install the 3DEXPERIENCE platform with a single FQDN, you must have one cookie name per service to handle session affinity, and avoid getting some service cookies overridden by other cookies. In that case, you need to update the configuration after the 3DPassport service installation, to send the cookie name to the shared configuration.

  1. Edit 3DPassport cas.properties file:

    For external TomEE+ on Linux , go to <externalTomEEInstallPath>/webapps/3DPassport/WEB-INF/classes/cas.properties

    For external TomEE+ on Windows, go to <externalTomEEInstallPath>\webapps\3DPassport\WEB-INF\classes\cas.properties

    For embedded TomEE+ on Linux , go to <3DPassportInstallPath>/linux_a64/code/tomee/webapps/3DPassport/WEB-INF/classes/cas.properties

    For embedded TomEE+ on Windows, go to <3DPassportInstallPath>\win_b64\code\tomee\webapps\3DPassport\WEB-INF\classes\cas.properties

  2. Update the property as follows cas.lb.stickysession.cookie.serverid.name=3DPASSPORTSERVERID
  3. Add all authorized ServerId name:

    For external TomEE+ on Linux <externalTomEEInstallPath>/webapps/3dpassport/WEB-INF/spring-configuration/applicationContext-cas.xml

    For external TomEE+ on Windows <externalTomEEInstallPath>\webapps\3dpassport\WEB-INF\spring-configuration\applicationContext-cas.xml

    For embedded TomEE+ on Linux <3DPassportInstallPath>/linux_a64/code/tomee/webapps/3dpassport/WEB-INF/spring-configuration/applicationContext-cas.xml

    For embedded TomEE+ on Windows <3DPassportInstallPath>\win_b64\code\tomee\webapps\3dpassport\WEB-INF\spring-configuration\applicationContext-cas.xml

    Key = name of the variable in the URL o Value = name of the cookie

    <bean id="serverIdCookieParamNames" class="java.util.HashMap">
<constructor-arg>
<map>
<entry
key="3dspaceserverid"
value="3DSPACESERVERID" />
<entry
key="3ddashboardserverid"
value="3DDASHBOARDSERVERID" />
<entry
key="3dsearchserverid"
value="3DSEARCHSERVERID" />
<entry
key="3dswymserverid"
value="3DSWYMSERVERID" />
<entry
key="3dcommentserverid"
value="3DCOMMENTSERVERID" />
<entry
key="${cas.lb.stickysession.serverid.param.name:serverId}"
value="${cas.lb.stickysession.cookie.serverid.name:SERVERID}" />
</map>
</constructor-arg>
</bean>

  4. Start and Stop the external / embedded TomEE+ as described in this section.

Use the Diagnosis Tool

Once the 3DEXPERIENCE platform has been installed, you can use the Diagnosis tool to check that the services have been correctly installed and configured.

For more information, see Installation and Setup: Install: 3DEXPERIENCE Platform: Diagnosing the 3DEXPERIENCE Platform Installation

Creating End User Passport Data Manually in the Local Database

This section explains how users create passports in the local sqldb database using the 3DPassport service.

This method enables end users to create passport credentials manually, quickly and easily. Each time a user is created using this method, it is added directly into the local sqldb database.

  1. Communicate the 3DPassport service URL to end users.

    The URL syntax is:

    https://passport_hostname.domain:port

  2. As end user, open your browser and connect to the 3DPassport service by entering the URL.
  3. Click Create an account and fill in the form to create the account, then click the Submit button.

    The account you created is stored in the local sqldb database.

  4. Create any additional users, if necessary.

    If you are installing from scratch, if you keep the administrator user name proposed by default, admin_platform, for all servers, you do not need to create users during post-installation. If you have a different administrator user for 3DSpace, for example in the event of an upgrade from a previous release without 3DPassport, create it in 3DPassport.

    If you are upgrading from an earlier release, the user admin_platform will still be created during 3DPassport installation and will need to be manually created in the 3DSpace server using the Manage P&O and Content command.

    If you are upgrading from an earlier release, users should be created with user IDs with the same case as 3DSpace user IDs.

    The section "Migrating Existing Users Created in an Earlier Release" in Installation and Setup - Install - 3DEXPERIENCE Platform - Installing 3DEXPERIENCE Platform Services for the First Time - Installing Services One-by-One - Installing 3DSpace - 3DSpace Installation - Post-Installation explains how to import these users in batch mode.