Talend Administration Center advanced configuration

Talend ESB Installation Guide for Solaris

EnrichVersion
6.2
EnrichProdName
Talend ESB
task
Installation and Upgrade
EnrichPlatform
Talend ESB
Talend CommandLine
Talend Runtime
Talend Administration Center
Talend JobServer

Most of the configuration parameters are stored in the Talend Administration Center database, like backup-related settings, port information, timeout duration, security settings, login delay and so on.

Some parameters can be updated, activated or deactivated from the Configuration page of the Web application or directly in the configuration.properties file, but you might need to edit some of them manually in the configuration table of the Talend Administration Center database. To access this database, open the database web console. To edit this database, open its web console which is accessible from the Database node of the Configuration page of Talend Administration Center.

The following pages detail advanced configuration procedures for Talend Administration Center:

Migrating database X to database Y

If you want to migrate from one database to another, for example from H2 to MySQL, you need to use the MetaServlet command called migrateDatabase.

As the source database is updated during the migration process, it is mandatory to back it up before migrating it.

The MetaServlet application is located in <TomcatPath>/webapps/<TalendAdministrationCenter>/WEB-INF/classes folder.

Note that, to display the help of this command (with related parameters), you need to enter the following in the MetaServlet application:

./MetaServletCaller.sh --tac-url=<yourApplicationURL> -h migrateDatabase

For more information on the MetaServlet application, see the Talend Administration Center User Guide.

See below an example of migration between H2 and PostgreSQL databases.

Please note that to be able to use this command, you need to put it on one single line first.

./MetaServletCaller.sh --tac-url http://localhost:8080/org.talend.administrator --json-params='{"actionName": "migrateDatabase", "dbConfigPassword": "admin", "mode": "synchronous", "sourceUrl": "jdbc:h2:/home/Talend/5.6.1/tac/apache-tomcat/webapps/org.talend.administrator/WEB-INF/database/talend_administrator", "sourceUser": "admin", "sourcePasswd": "admin", "targetPasswd": "root", "targetUrl": "jdbc:postgresql://localhost:5432/postgres", "targetUser": "postgres"}'

Disabling SSL3 in Tomcat

In order to avoid POODLE vulnerability which allows attackers to downgrade SSL/TLS protocol to version SSL v3, and then break the cryptographic security, you might want to disable SSL v3 on the Tomcat server. For more information on how to do this, read the procedure on the Apache website.

Managing the database parameters

The configuration parameters are stored in the database, except for the parameters related to the Talend Administration Center database that are stored in the following file:

<ApplicationPath>/WEB-INF/classes/configuration.properties

The database-related passwords are encrypted at start up, when this file is parsed and loaded in the database.

Change the encrypted default account password

  1. Open the configuration.properties file to edit it.

  2. Note that the encrypted password is followed by: ",Encrypt"

    Remove all that is after the = sign, including ",Encrypt", and type in the new password of the default account.

  3. Save your changes and close the file. At next startup, the password will be encrypted in the database and the file will be updated with this encrypted password.

Change the default password used to configure the database

After the first connection, it is strongly recommended not to use the default user account to access the application for security reasons. You can either change the default credentials of this account (admin@company.com/admin) or create another administrator user and remove the default account.

If you want to change the admin default password that allows you to change the database configuration, do the following:

  1. Scroll down the configuration.properties file until you find the database.config.password parameter.

  2. Change the admin default password to a more individual and secure password.

Managing the connection pool via Tomcat

By default, a third-party application (c3p0) has been embedded into the configuration file of Talend Administration Center, to manage the connection pool.

However if you want Tomcat to manage directly the connection pool, perform the following operations:

In the Web application installation directory, proceed as follows:

  1. In the <ApplicationPath>/WEB-INF/classes folder, change the default setting of the configuration.properties file to:

    database.useContext=True

  2. In the WEB-INF folder, edit the web.xml file and add the following piece of code before the closing tag </web-app>:

    <resource-ref>
    
         <description>Our Datasource</description>
         <res-ref-name>jdbc/ADMINISTRATOR_CONNECTION</res-ref-name>
         <res-type>javax.sql.DataSource</res-type>
         <res-auth>Container</res-auth>
    
    </resource-ref>
  3. In the file <ApplicationPath>/META-INF/context.xml, configure the parameters of connection to the database by modifying the following elements:

    Element name

    Value

    Note

    url

    jdbc:mysql://{ip_address}:3306/{db_name}

    For MySQL, where ip_address corresponds to the database IP address and db_name corresponds to its name.

    jdbc:oracle:thin:@{ip_address}:1521:{db_name}

    For Oracle, where ip_address corresponds to the database IP address and db_name corresponds to its name.

    jdbc:jtds:sqlserver://{ip_address}:1433/{db_name}

    For SQL Server, where ip_address corresponds to the database IP address and db_name corresponds to its name.

    jdbc:h2:file:{dir_path/}<db_name>;MVCC=TRUE;AUTO_SERVER=TRUE; LOCK_TIMEOUT=15000

    For H2, where dir_path corresponds to the database path and db_name corresponds to its name.

    username

    The username used to log in your database, talend_admin by default.

    password

    The password used to log in your database, talend_admin by default.

    driverClassName

    org.gjt.mm.mysql.Driver

    For MySQL.

    oracle.jdbc.driver.OracleDriver

    For Oracle.

    net.sourceforge.jtds.jdbc.Driver

    For SQL Server.

    org.h2.Driver

    For H2.

  4. Copy the relevant .jar file corresponding to the database in which your data is stored in <TomcatPath>/lib/.

You can also deploy Talend Administration Center on a JBoss application server (instead of a Tomcat). So, you can follow the same above instructions for JBoss. For more information on how to deploy the Web application on JBoss, see Deploying Talend Administration Center on JBoss.

Customizing the Talend Administration Center Menu tree view

You also have the possibility to customize the Menu tree view of the Talend Administration Center Web application by adding dynamic links to the website of your choice.

To set up dynamic links:

  1. Open the following file:

    <ApplicationPath>/WEB-INF/classes/configuration.properties

  2. At the end of the file, enter the dynamic link of interest using the given syntax:

    dynamiclink.<key>=<label>#<url>#<order>.

    For example, you can create the link to http://www.talend.com by entering

    dynamiclink.talendcom=Talend#http://www.talend.com#8

    or the link to http://www.talendforge.org by entering

    dynamiclink.talendforge=Talendforge#http://www.talendforge.org#9.

    In this syntax, <key> indicates the technical key of this link configured, <label> is the link name displayed on the Menu tree view, <url> is the website address you need to link to and <order> specifies the position of this link on the Menu tree view.

    dynamiclink.talendcom=Talend#http://www.talend.com#8
    dynamiclink.talendforge=Talendforge#http://www.talendforge.org#9

    Note

    For further information about the order numbers used by Talend Administration Center to arrange the Menu items, check the menuentries.properties file provided in the same classes folder.

  3. Save the configuration.properties file edited.

For more information on how these links are displayed in the Menu tree view of the Talend Administration Center Web application, see the Talend Administration Center User Guide.

Configuring Talend Administration Center login delay

Setting up a login delay allow you to improve the security of your Web application by slowing brute force attacks.

  • In the configuration table of the Talend Administration Center database, change the value of the useLoginDelay parameter to true.

Failed login attempts will now generate a time delay which increases exponentially with each failed attempt.

Configuring LDAP(S) for Talend Administration Center

To configure LDAP(S) for Talend Administration Center, proceed as follows:

Generate a key

  1. Create a folder where you want to store your Keystore.

  2. Open a command prompt.

  3. Using the cd command, go to the folder you created.

  4. Enter the following command:

    <JAVA_HOME>/bin/keytool -genkey -keystore <myKeystoreName> -keyalg RSA

    Replace <JAVA_HOME> with the path to the folder where Java is installed and <myKeystoreName> with the name of your Keystore.

  5. Enter the password you want to create for your Keystore twice. Then, if needed, enter other optional information, such as your name or the name of your organization.

  6. Enter yes to confirm the information you provided.

  7. Enter the password you have previously defined.

Configure LDAP(S) for Talend Administration Center

To set the new Keystore location, edit the JAVA_OPTS environment variable.

  • To edit the JAVA_OPTS environment variable, add the following lines

    -Djavax.net.ssl.keyStore=/<myDirectory>/<myKeystore>
    -Djavax.net.ssl.keyStorePassword=<myPassword>

    to your JAVA_OPTS environment variable, where <myDirectory> is the installation directory of your Keystore, <myKeystore> is the name of your Keystore and <myPassword> is the password you have previously defined for your Keystore.

For more information on how to enable LDAP(S) in Talend Administration Center, see the Talend Administration Center User Guide.