Setting up the Cloud Server

One of the benefits of using the Cloud server is that you only need to perform the set-up once on the server, rather than separately on each user's workstation. This single-set-up process of installation, configuration and connection is described here.

Installation

To run the installer for Sparx Systems Cloud Services you must have administration permissions for installation on your system.

Run the installer as an administrator
Accept the license agreement
Specify the location of the target directory
Apply the options for installing the service itself, the management client and the IIS integration files
 

IIS Integration

IIS integration is not set up by default. Only the files are copied to the install target location.

Configuration File

In the service installation directory is the SCloudServices.config file. Edit this file to set the ports that the server will 'listen' on, and other configuration options (below). When you make changes to this file, you must restart the server for those changes to take effect; you can do this using the Windows Services list.

The first group of settings are for the TCP connection, followed by a list of global, or General, settings that are applied across the entire service.

 

TCP Connection

The TCP settings control the port used for administration tasks.

Setting

Description

SERVER_PORT=803

Sets the port to use when you connect to the administration client or opt to use the IIS integration instead of the integrated web server. It is recommended that this port is not exposed to external networks, as encryption cannot be applied to the port.

 

SERVER_PASSWORD=

The password to protect the administration functions of the server. This can also be changed directly within the Admin client.

 

 

General Settings

Setting

Description

DBMAN_DEFAULTMAXSIMQUERIES=10

The default maximum number of queries that can be run at a time for any configured database. This can be changed directly within the Admin client.

 

AUDIT_TIME_PERIOD=3600

The number of seconds between the recording activities on the system logs on each database.

 

TEMP_DIRECTORY=%SERVICE_PATH%\Temp

The location to which temporary files are written before they are sent to clients. You generally do not need to change this.

 

LOGGING_LEVEL=SYSTEM

Indicates how much text the server should provide when writing log files. The valid values are:

OFF
FATAL
WARNING
INFO and
SYSTEM

 
The value can be changed directly within the Admin client.

 

LOGGING_DIRECTORY=%SERVICE_PATH%\Logs

 

 

 

Collectively, identify where log files are written and how much history will be kept.

LOGGING_FILECOUNT=3

 

LOGGING_FILESIZE=1048576

 

 

HTTP Ports

In the Cloud server you can define a number of different ports to listen to http connections, each with a different configuration and each denoted in the config file with an open and close parenthesis on their own line.

(

SERVER_PORT=804

REQUIRE_SSL=0

DEFAULT_MODEL=

MODEL_AUTHENTICATION=

GLOBAL_AUTHENTICATION=user model

OSLC_SUPPORT=1

)

 

 

Setting

Description

SERVER_PORT

The port that the server will listen on for http connections. Each port must be unique and not be used by any other services on the machine.

 

REQUIRE_SSL

When set to 1, enables https on this port. This should be set to 1 for all connections that are being exposed on public networks, but it requires a private key (server.pem) to be included in the same directory before it will run.

 

DEFAULT_MODEL

Enables a single model to be exposed on a port, making it possible to use a different port for each model.

 

MODEL_AUTHENTICATION

Can be set to 1 to request http authorization using the list of security users in the model being connected to.

Note that if you are not using SSL to connect, the usernames and passwords will be sent in plain text. This option is mutually exclusive with GLOBAL_AUTHENTICATION.

 

GLOBAL_AUTHENTICATION

Can be set to the name of a model with security enabled that will provide the list of users for all models provided by the connection. This is helpful if you want to provide multiple models but only manage one list of users. This option is mutually exclusive with MODEL_AUTHENTICATION.

 

OSLC_SUPPORT

Enabled by default (set to 1) to enable models to be queried using the Open Services for Lifecycle Collaboration (OSLC) standard. (See OSLC Requirements Management.)

Set to 0 to disable the use of OSLC.

 

 

Configure Models

Once your service is configured, you can connect to the Admin client to configure any databases you want to provide using the Cloud server.

Step

Action

See also

1

Open the Admin client.

An empty list of Database Management Systems displays.

 

 

2

Click on the Add button to configure a new DBMS.

A dialog displays in which you provide the connection string that the server should use when connecting to a model. If you are running the Admin client on the same machine as the server you can click the ellipsis (...) button to open the Data Link Properties dialog to build the connection string.

This dialog also helps you to create a new Firebird database with all tables set up. This is the easiest way to get a connection running; just enter the model name followed by .fdb.

 

 

Server Based Repositories

3

Once you have added one or more Database Managers, they are included in the list in the main dialog.

Select any of these and click on the Configure button to allow connections to the model. A number of options are provided for the selected model.
 

Accept Queries - must be set to enable users to connect to this database
 
Max Simultaneous Queries - allows you to control the maximum number of simultaneous connections that will be created to this model; when the database was created the maximum number came from the system setting for this option
 
To tweak constraints of system performance against resource usage, you can look at the audit history for each database to see how many connections have been used in the specified time period
 
Run Scheduled Tasks - allows the server to run periodic updates to this model
 
Read-only connection - allows a model to be shared but blocks any changes
 
Require a secure and authenticated connection - flags that security is required for this model; no connections will be accepted unless via https, with either Model Authentication or Global Authentication set
 

 

 

 

 

 

 

 

 

 

Additional Functionality Using the Cloud

 

Security Considerations

As with any web connected service, you should consider a number of security concerns when setting up a new service.

If any data is considered private, always use an https connection and require user authentication; there is an option on the database itself to set this
There is an implicit trust in sharing a model with anyone; security is available to prevent users doing things that they shouldn't, but because Enterprise Architect allows user-written SQL to be used in queries in a number of places, any information can be at least retrieved
 
Be aware, this includes user names and hashes of their passwords, although this can be prevented by using Global Authentication instead of Model Authentication (see above)
 

Learn more