Running the Product
To run WSO2 products, you start the product server at the command line. You can then run the WSO2 Dashboard Designer, which is part of the Portal, to configure and manage the product. The following sections in this page explains everything you need to know about running the product:
Starting the Server
Follow the instructions below to start WSO2 DS based on the Operating System you use.
On Windows/Linux/Mac OS
To start the server, you run <DS_HOME>/bin/wso2server.bat
 (on Windows) or <DS_HOME>/bin/wso2server.sh
 (on Linux/Mac OS) from the command prompt as described below. Alternatively, you can install and run the server as a Windows or Linux service (see the related topics section at the end of this page).
- Open a command prompt by following the instructions below.
- On Windows: Click Start ->  Run, typeÂ
cmd
 at the prompt, and then press Enter. - On Linux/Mac OS: Establish an SSH connection to the server, log on to the text Linux console, or open a terminal window.
- Navigate to theÂ
<DS_HOME>/bin
 directory using the Command Prompt. - Execute one of the following commands:
- To start the server in a typical environment:
- On Windows:Â Â
wso2server.bat --run
On Linux/Mac OS:Â Â
sh wso2server.sh
- On Windows:Â Â
To start the server in the background mode of Linux:Â
sh wso2server.sh start
To stop the server running in this mode, you will enter:Âsh wso2server.sh stop
To provide access to the production environment without allowing any user group (including admin) to log in to the Management Console:
- On Windows:Â
wso2server.bat --run -DworkerNode
- On Linux/Mac OS:Â
sh wso2server.sh -DworkerNode
- On Windows:Â
- To check for additional options you can use with the startup commands, typeÂ
-help
 after the command, such as:Â
sh wso2server.sh -help
 (see the related topics section at the end of this page). The operation log appears in the command window. When the product server has successfully started, the log displays the message "WSO2 Carbon started in 'n' seconds".
On Solaris
To start the server, you run <DS_HOME>/bin/wso2server.sh
 from the Command Prompt as described below.Â
The following instructions are tested on an Oracle Solaris 10 8/11 x86 environment.
- Click Launch -> Run Applications, typeÂ
dtterm
 at the Prompt, and then press Enter, to open a Command Prompt. - Navigate to theÂ
<DS_HOME>/bin
 directory using the Command Prompt. Execute the following command:
bash wso2server.sh
The operation log appears in the command window. When the product server has successfully started, the log displays the message "WSO2 Carbon started in 'n' seconds".
<DS_HOME>/bin/wso2server.sh
file, to start the product as a service/in nohup mode on Solaris.- Open the
<DS_HOME>/bin/wso2server.sh
file in a text editor. Search for the following occurrences:Â
nohup sh "$CARBON_HOME"/bin/wso2server.sh $args > /dev/null 2>&1 &
Replace the latter mentioned occurrences with the following.
nohup bash "$CARBON_HOME"/bin/wso2server.sh $args > /dev/null 2>&1 &
The only change is replacingÂ
sh
 withÂbash
. This is required only for Solaris.Start the product by following the above instructions.
Â
Accessing the WSO2 DS Consoles
Once the server has started, you can run the WSO2 DS Consoles by opening a Web browser and typing in the respective URLs.Â
The WSO2 DS Console URLs are as follows:
- For access via HTTP:
Â
Portal:
 http://<DS_HTTP_HOST>:<HTTP_PORT>/portal/
WSO2 DS Management Console:Â
http://<DS_HTTP_HOST>:<HTTP_PORT>/carbon/
For access via secured HTTP:Â
Portal:Â https://<DS_HTTPS_HOST>:<HTTPS_PORT>/portal/
WSO2 DS Management Console:Âhttps://<DS_HTTPS_HOST>:<HTTPS_PORT>/carbon/
When accessing the Management Console from the same server where it's installed, you can typelocalhost
 instead of the IP address: https://localhost:9443/carbonThe Management Console URL can be changed by modifying the value of theÂ
MgtHostName
 in theÂ<DS_HOME>/repository/conf/carbon.xml
file.<MgtHostName>localhost</MgtHostName>
For more information, see Accessing the Portal and Accessing the WSO2 DS Management Console.
You can use the above URLs to access the WSO2 DSÂ consoles on this computer from any other computer connected to the Internet or LAN.
When the Portal Sign-in page appears, the web browser will typically display an "insecure connection" message, which requires your confirmation before you can continue.
The Portal is based on the HTTPS protocol, which is a combination of HTTP and SSL protocols. This protocol is generally used to encrypt the traffic from the client to server for security reasons. The certificate it works with is used for encryption only, and does not prove the server identity, so when you try to access the Portal, a warning of untrusted connection is usually displayed. To continue working with this certificate, some steps should be taken to "accept" the certificate before access to the site is permitted. If you are using the Mozilla Firefox browser, this usually occurs only on the first access to the server, after which the certificate is stored in the browser database and marked as trusted. However, with other browsers, the insecure connection warning might be displayed every time you access the server.
This scenario is suitable for testing purposes, or for running the program on the company's internal networks. If you want to make the Portal available to external users, your organization should obtain a certificate signed by a well-known certificate authority, which verifies that the server actually has the name it is accessed by and that this server belongs to the given organization.
If you leave the WSO2 DS Consoles unattended, the session will time out. The default timeout value is 15 minutes, but you can change this in the <DS_HOME>/repository/conf/tomcat/carbon/WEB-INF/web.xml
file as follows:
<session-config> <session-timeout>15</session-timeout> </session-config>
Restricting Access to the Management Console and Web Applications:
You can restrict access to the management console of your product by binding the management console with selected IP addresses. Note that you can either restrict access to the management console only, or you can restrict access to all web applications in your server as explained below.
To control access only to the management console, add the IP addresses to theÂ
<DS_HOME>/repository/conf/tomcat/carbon/META-INF/context.xml
file as follows:<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<IP-address-01>|<IP-address-02>|<IP-address-03>"/>
The
RemoteAddrValve
Tomcat valve defined in this file will only apply to the Carbon management console, and thereby all outside requests to the management console will be blocked.ÂTo control access to all web applications that are deployed on your server, add the IP addresses to the
<DS_HOME>/repository/conf/context.xml
file as follows:<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="<IP-address-01>|<IP-address-02>|<IP-address-03>"/>
The
RemoteAddrValve
Tomcat valve defined in this file will apply to each web application hosted on the DS server. Therefore, all outside requests to any web application will be blocked.You can also restrict access to particular servlets in a web application by adding a Remote Address Filter to the
web.xml
file, which is stored in the<DS_HOME>/repository/conf/tomcat/
directory, and by mapping that filter to the servlet URL. In the Remote Address Filter that you add, you can specify the IP addresses that should be allowed to access the servlet.
The following example, which is extracted from aweb.xml
file, illustrates how access to the management page (/carbon/admin/login.jsp
) is granted only to one IP address:<filter> <filter-name>Remote Address Filter</filter-name> <filter-class>org.apache.catalina.filters.RemoteAddrFilter</filter-class> <init-param> <param-name>allow</param-name> <param-value>127.0.01</param-value> </init-param> </filter> <filter-mapping> <filter-name>Remote Address Filter</filter-name> <url-pattern>/carbon/admin/login.jsp</url-pattern> </filter-mapping>
<DS_HOME>/repository/conf/tomcat/catalina-server.xml
file applies to all web applications and is globally available across server, regardless of host or cluster. See the official Tomcat documentation for more information about using remote host filters.Stopping the Server
To stop the server, press Ctrl+C in the command window.