wiki:Software/Configuration/MuaToWeb
Last modified 7 years ago Last modified on 08/01/12 22:05:25

How To: Configure the MUA and RaptorWeb to communicate

For an MUA and an RaptorWeb to communicate two things need to be done:

  1. Metadata for the MUA (e.g. web service URLs) needs to be configured in RaptorWeb (see Section 1)
  2. Public key information for each needs to be exchanged (see Section 2)

1. Swapping Metadata

RaptorWeb needs to know some information about the MUA (specifically its web service URL) in order to communicate with it.

If RaptorWeb and the MUA are located on different machines, then RaptorWeb will need to be reconfigured to point to the machine on which the MUA resides. To do this, do the following.

Open the web/conf/mua-endpoints.xml file on the server hosting RaptorWeb and find the bean labelled "muaRegistry". Find the property labelled "MUAEntries". In that bean will be a property labelled "serviceEndpoint". The default value of this will be:

https://localhost:8111/MUA/MultiUnitAggregator

Change this value to the correct value for the server hosting your MUA. For example, assuming you didn't change the port or contextPath in the MUA's server.properties file and the MUA is running on a server called "raptor.example.com", this should be changed to:

https://raptor.example.com:8111/MUA/MultiUnitAggregator

2. Swapping Keys

The MUA and RaptorWeb that are going to communicate need a copy of each other's public key to enable this communication.

When the MUA and RaptorWeb are installed, a DER encoded version of their public keys are saved in their home directory's keys information as raptor-mua-public.crt and raptor-web-public.crt respectively (see this wiki page for further information). Swapping these keys involves the following process.

2.1 On the MUA

  1. Copy RaptorWeb's public key from its keys directory (web/keys/raptor-web-public.crt on RaptorWeb's server) to the a temporary directory (e.g. /tmp or ~/) on the MUA server (using SCP or your other favourite file transfer protocol). The rest of these instructions will assume you copied it to /tmp/.
  1. In the MUA's truststore (authorised-keys.jks), import RaptorWeb's public key, by:
    • Navigating to the MUA's keys directory (/opt/raptor/mua/keys on Linux, C:\Program Files\Raptor\MUA\keys on Windows)
    • Running the following command:
      # keytool -import -keystore authorised-keys.jks -storepass changeit -alias raptorweb -file /tmp/raptor-web-public.crt
      
      • Note that this assumes that Java's bin directory is in the PATH, and that you have not yet changed the keystore password of the authorised-keys.jks file. If either of these assumptions are incorrect you will have to modify the command above accordingly.
  1. Delete the temporary copy of RaptorWeb's key.
    • e.g. on Linux
      # rm /tmp/raptor-web-public.crt
      

2.2 On RaptorWeb

Do the same as above, but in reverse. That is:

  1. Copy the MUA's public key from its keys directory (mua/keys/raptor-mua-public.crt on the MUA server) to the a temporary directory (e.g. /tmp or ~/) on RaptorWeb's server (using SCP or your other favourite file transfer protocol). The rest of these instructions will assume you coped it to /tmp/.
  1. In RaptorWeb's truststore (authorised-keys.jks), import the MUA's public key, by:
    • Navigating to RaptorWeb's keys directory (/opt/raptor/web/keys on Linux, C:\Program Files\Raptor\Web\keys on Windows)
    • Running the following command:
      # keytool -import -keystore authorised-keys.jks -storepass changeit -alias raptormua -file /tmp/raptor-mua-public.crt
      
      • Note that this assumes that Java's bin directory is in the PATH, and that you have not yet changed the keystore password of the authorised-keys.jks file. If either of these assumptions are incorrect you will have to modify the command above accordingly.
  1. Delete the temporary copy of the MUA's key.
    • e.g. on Linux
      # rm /tmp/raptor-mua-public.crt
      

3. Restarting components

Restart both the MUA and RaptorWeb so that they reread their authorised-keys.jks files.