Unknown macro: {next_previous_link3}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

To run WSO2 products, you start the product server at the command line. The following sections in this page explain everything you need to know about running the product:

Starting the Server

Before you begin

If you wish to try out the Raspberry Pi and Arduino sample plugins, in the WSO2 IoT Server console, navigate to the WSO2 IoTS directory and run the device-plugins-deployer.xml file.
Example: 

cd <IOTS_HOME>/samples
mvn clean install -f device-plugins-deployer.xml

NOTE: Android, Windows and Android Sense are included in the server by default. You will need to configure WSO2 IoT Server to try out iOS.

Follow the instructions below to start your WSO2 product based on the Operating System you use:


Running IoT Server

Once you start the server, you can access the WSO2 IoT Server consoles by opening a Web browser and typing in the respective URLs. 

The WSO2 IoTS Console URLs are as follows:

  • Access via HTTP: 
    WSO2 IoT Server Device Management Console: http://<IOTS_HTTP_HOST>:9763/devicemgt
    WSO2 IoT Server Management Console: http://<IOTS_HTTP_HOST>:9763/carbon
    WSO2 IoT Server Device Monitoring Dashboard: https://<IOTS_HTTP_HOST>:9763/portal
     
  • Access via secure HTTP
    WSO2 IoT Server Device Management Console: https://<IOTS_HTTPS_HOST>:9443/devicemgt
    WSO2 IoT Server Management Console: https://<IOTS_HTTPS_HOST>:9443/carbon
    WSO2 IoT Server Device Monitoring Dashboard: https://<IOTS_HTTPS_HOST>:9443/portal

When accessing the Management Console from the same server where it's installed, you can type localhost  instead of the IP address:  https://localhost:9443/carbon

 The Management Console URL can be changed by uncommenting and modifying the value of the MgtHostName in the <PRODUCT_HOME>/conf/carbon.xml file.

Example:

 <MgtHostName>localhost</MgtHostName>

For more information, see Accessing the Device Management ConsoleAccessing the WSO2 IoTS Management Console, and Accessing the WSO2 Device Monitoring Dashboard.

You can use the above URLs to access the WSO2 IoT Server consoles on this computer from any other computer connected to the Internet or LAN.

When these pages appear, the web browser will typically display an "insecure connection" message, which requires your confirmation before you can continue.

The IoT Server consoles are based on the HTTPS protocol, which is a combination of HTTP and SSL protocols. This protocol is generally used to encrypt the traffic from the client to server for security reasons. The certificate it works with is used only for encryption and does not prove the server identity, so when you try to access these consoles, a warning of untrusted connection is usually displayed. To continue working with this certificate, some steps should be taken to "accept" the certificate before access to the site is permitted. If you are using the Mozilla Firefox browser, this usually occurs only on the first access to the server, after which the certificate is stored in the browser database and marked as trusted. However, with other browsers, the insecure connection warning might be displayed every time you access the server.

This scenario is suitable for testing purposes, or for running the program on the company's internal networks. If you want to make these consoles available to external users, your organization should obtain a certificate signed by a well-known certificate authority, which verifies that the server actually has the name it is accessed by and that this server belongs to the given organization.

If you leave the IoT Server consoles unattended, the session will time out. The default timeout value is 15 minutes, but you can change this in the <IOTS_HOME>/conf/tomcat/carbon/WEB-INF/web.xml file as follows:

<session-config>
   <session-timeout>15</session-timeout>
</session-config>

Restricting Access to the Management Console and Web Applications:

You can restrict access to the management console of your product by binding the management console with selected IP addresses. Note that you can either restrict access to the management console only, or you can restrict access to all web applications in your server as explained below.

  • To control access only to the management console, add the IP addresses to the <PRODUCT_HOME>/conf/tomcat/carbon/META-INF/context.xml file as follows:

    <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<IP-address-01>|<IP-address-02>|<IP-address-03>"/>

    The RemoteAddrValve Tomcat valve defined in this file will only apply to the Carbon management console, and thereby all outside requests to the management console will be blocked. 

  • To control access to all web applications deployed on your server, add the IP addresses to the <PRODUCT_HOME>/conf/tomcat/context.xml file as follows:

    <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<IP-address-01>|<IP-address-02>|<IP-address-03>"/>

    The RemoteAddrValve Tomcat valve defined in this file will apply to each web application hosted on the Carbon server. Therefore, all outside requests to any web application will be blocked.

  • You can also restrict access to particular servlets in a web application by adding a Remote Address Filter to the web.xml file (stored in the <PRODUCT_HOME>/repository/conf/tomcat/ directory), and by mapping that filter to the servlet URL. In the Remote Address Filter that you add, you can specify the IP addresses that should be allowed to access the servlet.


    The following example from a web.xml file illustrates how access to the management page (/carbon/admin/login.jsp) is granted only to one IP address:

    <filter>
        <filter-name>Remote Address Filter</filter-name>
        <filter-class>org.apache.catalina.filters.RemoteAddrFilter</filter-class>
            <init-param>
                <param-name>allow</param-name>
                <param-value>127.0.01</param-value>
            </init-param>
    </filter>
    
    <filter-mapping>
        <filter-name>Remote Address Filter</filter-name>
        <url-pattern>/carbon/admin/login.jsp</url-pattern>
    </filter-mapping>
Note: Any configurations (including valves) defined in the <PRODUCT_HOME>/conf/tomcat/catalina-server.xml file applies to all web applications and is globally available across server, regardless of host or cluster. See the official Tomcat documentation for more information about using remote host filters .

Stopping the Server

To stop the server, press Ctrl+C in the command window.

  • No labels