Post-installation Configuration #8737/v2515 |
Post-installation ConfigurationTable of Contents
Signing In the First TimeOnce the codeBeamer server is started, you can access it from your browser and start configuring it. To access codeBeamer, start your web browser and enter this URL to access codeBeamer's main site: http://hostname:8080 (use your hostname and the port you configured) Configuration OptionsMail Server (SMTP)After logging on as a System Administrator, click on the System Admin link and click Outgoing Email Connection. See Administrator's Guide User Account Registration MethodAfter logging in as System Administrator, click on the System Admin link and click Miscellaneous . See Administrator's Guide Maximum Document Upload SizeBy default, the maximum document size that can be uploaded in codeBeamer is 5GB (starting with version codeBeamer 7.7.2). To change this limit (to for example 2GB), edit <cb-installation-dir>/tomcat/webapps/cb/WEB-INF/classes/my-applicationContext.xml and add the block below: <bean id="uploadLimit" class="java.lang.Long"> <constructor-arg value="5368709120"></constructor-arg> <!-- 5 gigabytes --> <!-- constructor-arg value="1048576"/ --> <!-- 1 megabyte --> <!-- constructor-arg value="102400"/ --> <!-- 100 kilobytes --> </bean> After editing the file codeBeamer must be re-started.
Starting from release 9.4 it can be changed by setting "uploadFileSizeLimit" setting in Application Configuration in "interactive" section: "interactive": { "uploadFileSizeLimit":1610612736 } Database Connectivity (Database Host, Username, Password)codeBeamer is shipped and pre-configured to use Derby database that should be used only for evaluation purposes. For production either MySql or Oracle should be used. Please refer documents below how to configure codeBeamer: JVM VersionThe JVM of an existing CB installation can be configured for different JVM versions. Linux, Unix, Solaris, MAC-OSIf codeBeamer finds JRE/JDK 1.6.x or higher in PATH that will be used, otherwise the version shipped with codeBeamer. Windows
JVM Memory Heap SizeFor performance tuning or if you get (Java OutOfMemoryError) exceptions you can configure the JVM heap size. Linux, Unix, Solaris, MAC-OS
Windows (Service mode)
Please note:
Installing SCMLoopThe installation takes place on the SCM server machine. This takes typically a few minutes. Please follow the instructions given in the installation manual ScmLoop.pdf, which is part of <cb-installation-dir>/tomcat/webapps/cb/scmloop.zip. SCMLoop System RequirementsSCMLoop works on Linux, Unix and Windows operating systems. On the SCM server site, a script installation is required, the script requires Java run time 1.6 or higher environment on the machine. MySQL Database BackupsDump the complete codeBeamer database (including stored procedures) with the command: mysqldump --routines --protocol=tcp -u cbroot -pcbpassword --single-transaction codebeamer External Network Storage for DocumentsThis feature is discontinued starting with version 7.5!Different network systems can be used for different projects. CodeBeamer can be configured to store documents using either remote file systems or network storage systems. These configurations allow codeBeamer to manage a large number of documents or provide high security, depending on the project's needs. The mount point to the external system should be configured in <cb-installation-dir>/tomcat/webapps/cb/WEB-INF/classes/general.xml, in the line: <document display-plain-text-as-html="false" storage-path="" relocatable="false"></document> using the storage-path and relocatable parameters. The codeBeamer server must have r/w permissions on the file system and the external file system must be accessible before CodeBeamer server is started. If storage-path is not empty it must contain a directory name where all codeBeamer documents should be stored instead of the default: <cb-installation-dir>/repository/docs If relocatable is set to true the system administrator can specify via GUI for any project where the codeBeamer documents of the project should be stored. Figure: System Administrator GUI for Project Document Storage Location Definition You must login to see this link. Register now, if you have no user account yet. Figure: System Administrator GUI for Resetting the Mount Point You must login to see this link. Register now, if you have no user account yet. Account Password policy when not using LDAPWhen a user logs in to codeBeamer, the authentication will follow with user account and password. To install a special policy to assure the security quality of entered passwords, assign a regular expression to the attribute 'passwordPolicy' of the <login> section in CB_HOME/tomcat/webapps/cb/WEB-INF/classes/general.xml file. For example: To require passwords to be at least 6 chars long and to contain at least one lower case letter, one upper case letter, one digit and one special character @#$%^&+= <login ... passwordPolicy="^.*(?=.{6,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=]).*$" >Please note that the regular expression code specified in passwordPolicy is an XML attribute value, therefore certain characters have to be escaped according to XML standards (as in our example the ampersand character "&" is substituted with "&"). This is important because a syntactical error in general.xml configuration file can cause codeBeamer to fail at startup. See more on regular expressions on https://docs.oracle.com/cd/E19683-01/817-0717/6mggffse0/index.html, and a tutorial and overview of regular expressions in Mastering Regular Expressions, Jeffrey E. F. Friedl, O'Reilly and Associates, 1997, ISBN: 1-56592-257-3.
LDAP and Active Directory IntegrationLDAP AccesscodeBeamer allows you to authenticate users against an existing LDAP/Active Directory server, in addition to or instead of maintaining your own user accounts.
to examine your directory and find out the appropriate settings, before trying to configure codeBeamer accordingly.
LDAP/Active Directory can be configured via System Admin → User Authentication :
You must login to see this link. Register now, if you have no user account yet.
Take care when increasing or disabling these timeouts, otherwise slow or non-responding LDAP servers can also slow down or stall codeBeamer!
If login via a Distinguished Name (e.g. "cn=Manager,dc=intland,dc=com") fails, you should try the users domain name (sAMAccountName@domain): e.g. "Manager@intland.com". You must also set Referrals="follow".
To enable/disable the user authentication against the LDAP/Active Directory, check/uncheck the appropriate option. If disabled, only the internal codeBeamer accounts will be used.
You must login to see this link. Register now, if you have no user account yet.
There are two methods to map a codeBeamer user (by login name) to the appropriate LDAP/AD user entry. Lookup userIf the distinguished name (DN) of the user's LDAP entry contains the username presented for authentication, and is otherwise the same for all users, it is best to lookup users by DN, where as is the distinguished name (DN) pattern (relative to Base domain), with "{0}" marking where the username should be substituted. Search userIf looking up users by distinguished name pattern is not applicable for you, you must perform a user search:
Users, that were found in LDAP/Active Directory but where the LDAP/Active Directory authentication failed, are always rejected (independend of the fallback setting)!
If not all users contained in the search scope should be allowed to log into codeBeamer, you can define a special group, e.g. ("codeBeamer") in Active Directory, and only make the users that should be allowed to log in to codeBeamer members of that group.
You should then extend the default Search with: sAMAccountName={0} to also check group membership, e.g. (&(sAMAccountName={0})(objectCategory=person)(objectClass=user)(memberOf=<distinguished name of group>))
Active Directory ForestsAn Active Directory installation may support multiple domains at the same time. To distinguish users between domains, an identifier called a User Principle Name (UPN) can be added to a user's entry in the directory. This UPN usually takes the form of the user's account name, followed by the domain components of the particular domain, for example somebody@nz.example.com.
User Attribute Synchronization
User RegistrationIn codeBeamer 10.1 and newer, there is a new Registration setting, that defines, whether LDAP/Active Directory users, that match the Lookup/Search criteria (see above), can log into codeBeamer, even if they do not have a codeBeamer user account yet:
In codeBeamer 10.0 and older, there is no Registration setting:
Testing server connection, authentication and user attribute mappingYou must login to see this link. Register now, if you have no user account yet. Matching LDAP Groups to codeBeamemer Groups and RolesThis section is only important if you want to extend/override the default CodeBeamer LDAP authentication process! import com.intland.codebeamer.ldap.LdapDao; import com.intland.codebeamer.persistence.dto.UserDto; import com.intland.codebeamer.event.BaseEvent; import com.intland.codebeamer.event.AccountSynchronizationHook; public class MyAccountSynchronizationListener implements AccountSynchronizationHook { /** * This method gets called when a new user account is created from LDAP. * The {@link BaseEvent#getSource()} is the newly created account * The {@link BaseEvent#getSecondarySource()} is the {@link LdapDao} */ public void accountCreated(BaseEvent<UserDto,LdapDao,Void> event) { UserDto user = event.getSource(); LdapDao dao = event.getSecondarySource(); ... } /** * This method gets called when a user account is synchronized from LDAP. * The {@link BaseEvent#getSource()} is the newly synchronized account * The {@link BaseEvent#getSecondarySource()} is the {@link LdapDao} */ public void accountSynchronized(BaseEvent<UserDto,LdapDao,Void> event) { } }
LDAP user synchronizationSince CB 20.11-LTS (Carmen) Starting from Carmen release there is support to synchronize users in bulk from LDAP server.
To synchronize users from LDAP server the following steps is needed:
Note: synchronization will run only once with all user, not in bulk 500s. Note: new users are always created in active status, already existing user's status is untouched. Note: new user's license can be configured by login.newAccountType configuration, see: Application Configuration
Since codebeamer 22.04 (FELICITY) release, the synchronization of LDAP groups only for existing users is supported. For this, the existing users only checkbox displayed on the below screenshot needs to be selected before the synchronization process.
If the existing users only box is checked, only those LDAP users are synchronized that exist in codebeamer as well, therefore, no new users are created.
The following fields are added:
To store user sync configuration in AppConfig a new section is added to LDAP, example: "sync" : { "syncEnabled" : true, "syncInterval" : "1D", "syncLdapModifyTimestampFormat" : "yyyyMMddHHmmssX", "syncPageSize" : 500, "syncUserBase" : "ou=people", "syncUserSearch" : "uid=*", "syncUserSubtree" : true } Also added Modify timestamp to user mapping. Default is modifyTimestamp, unlikely to change. Set Managed Repository Access URLsWhen you use SVN, Git or Mercurial repositories, codeBeamer shows their access URL under the SCM tab. The codeBeamer system administrator can configure different access methods and URLs to these repositories depending on each SCM installation, i.e. svn://CODEBEAMER-HOSTNAME/My_second_project or http://CODEBEAMER-HOSTNAME/svn/My_second_projectFor more information on configuring these URLs, see Administrator's Guide |
Fast Links
codebeamer Overview codebeamer Knowledge Base Services by Intland Software |
This website stores cookies on your computer. These cookies are used to improve your browsing experience, constantly optimize the functionality and content of our website, furthermore helps us to understand your interests and provide more personalized services to you, both on this website and through other media. With your permission we and our partners may use precise geolocation data and identification through device scanning. You may click accept to consent to our and our partners’ processing as described above. Please be aware that some processing of your personal data may not require your consent, but you have a right to object to such processing. By using our website, you acknowledge this notice of our cookie practices. By accepting and continuing to browse this site, you agree to this use. For more information about the cookies we use, please visit our Privacy Policy.Your preferences will apply to this website only.