Configuring the Network Interface Restriction in the Solution Manager

The Denodo Platform allows to restrict the network interface through which the platform’s servers will listen to incoming connections.

In order to activate this restriction in the Solution Manager, stop all the Denodo servers and edit the following configuration options:

Configuration property files to modify to enable the network interface restriction in the Solution Manager

Component

Configuration File

Embedded Virtual DataPort server

<SM_HOME>/conf/vdp/VDBConfiguration.properties

License Manager Server

<SM_HOME>/conf/license-manager/LMConfigurationParameters.properties

Solution Manager Server

<SM_HOME>/conf/solution-manager/SMConfigurationParameters.properties

Solution Manager Web Tool

<SM_HOME>/conf/solution-manager-web-tool/SMAdminConfiguration.properties

Diagnostic and Monitoring Tool

<SM_HOME>/resources/apache-tomcat/webapps/diagnostic-monitoring-tool/WEB-INF/classes/ConfigurationParameters.properties

Web Container

<DENODO_HOME>/resources/apache-tomcat/conf/tomcat.properties <DENODO_HOME>/resources/apache-tomcat/conf/server.xml

  • Embedded Virtual DataPort Server:

    • Uncomment the property com.denodo.vdb.vdbinterface.server.VDBManagerImpl.hostName and set its value to a Domain Name System (DNS) that the server host will resolve to the restricted network interface.

    • Set com.denodo.vdb.vdbinterface.server.VDBManagerImpl.registryURL to the corresponding network interface.

    • Define com.denodo.vdb.vdbinterface.server.VDBManagerImpl.registryURL.restricted to the restricted IP/network interface. The value of the property registryURL has to be resolved to the same value of the restricted network in the local VDP server.

  • License Manager Server:

    • Set the properties server.address and com.denodo.solutionmanager.storage.DerbyStorageManager.derbyHost to the restricted address.

  • Solution Manager Server:

    • Set the properties server.address and com.denodo.solutionmanager.vdp.hostname to the restricted network interface.

  • Solution Manager Web Tool:

    • Set the property com.denodo.solutionmanager.host to the restricted address.

  • Diagnostic and Monitoring Tool:

    • Set the property vdp.hostname to the restricted network interface.

  • Web Container:

    • In the tomcat.properties file:

      1. Set the property com.denodo.tomcat.jmx.rmi.host to the restricted network interface.

      2. The property com.denodo.vdp.host must be commented out.

      3. Add the property com.denodo.tomcat.shutdown.host with the restricted network interface as value.

    • In the server.xml:

      1. Add the property address="${com.denodo.tomcat.shutdown.host}" to the <Server> declaration in order to configure the IP on which the Tomcat servers waits for shutdown commands.

      2. Add the property address="${com.denodo.vdp.host}" as well to the <Connector> component to specify which address will be used for listening on the specified port.

      <Server address="${com.denodo.tomcat.shutdown.host}" port="${com.denodo.tomcat.shutdown.port}" shutdown="SHUTDOWN">
      
          <Connector
             address="${com.denodo.vdp.host}"
             port="${com.denodo.tomcat.http.port}"
      
          />
      
      </Server>
      

Note

Configure the shutdown host is optional in the Web Container. If the property com.denodo.tomcat.shutdown.host is not set the shutdown listener will be bind to LOCALHOST and the Server tag in the server.xml should not include the address property. Configuring the shutdown host could open a random port listening through all network interfaces that only accepts connections from the Web Container host