ManageApp

Management Application Configuration

The N2SVCD Management Application provides a simple HTTP server to which operators can connect in order to view the current N2SVCD running configuration. Drilldown links allow operators to monitor in-use resources (e.g. to check connection status, and to review long-running calls in progress).

When the N2SVCD is running, you can connect your web browser to the N2SVCD Management interface at the address http://<n2svcd-host>:8088/, or other port number as may be configured.

In addition:

Note that the ManageApp is quite distinct from the WatchdogApp:

You should only ever require one Management Application instance within the N2SVCD, although it is possible to run multiple apps (as long as each one listens on a distinct TCP port number). You don’t need to run any Management Application at all, although not doing so means that you will not have the ability to query the status of your running services.

The following configuration is used to create a Management Application instance.

<?xml version="1.0" encoding="utf-8"?>
<n2svcd>
  ...
  <applications>
    ...
    <application name="Manager" module="ManageApp">
      <include><lib>../apps/manage/lib</lib></include>
      <parameters>
        <parameter name="http_host" value="10.42.2.154"/>
        <parameter name="http_port" value="8088"/>
        <parameter name="security" value="sha1"/>
        <!-- Overridden by "config.users". -->
        <parameter name="admin_password" value="LSNb2Q/UBFfpT.hd:gdiyvTHqk+lnJqogbloOBzTGIC8"/>
        <parameter name="user_password" value="SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg"/>
        <parameter name="identifier" value="Production 01"/>
      </parameters>
      <config>
          <!-- Overrides "admin_password" and "user_password". -->
          <users>
              <user name="fred" password="Gff1KoM88MkbCSSg:WRjvf1HPmI9fKcXDddkEETtBzh0" is_admin="true" />
              <user name="wilma" password="noupxm9rVbJvTbTD:ocLjUrhD6lx5UTguRvcw0p4q2RQ" />
          </users>
      </config>
    </application>
    ...
  </application>
  ...
</n2svcd>

Configuration Details

The application element attributes for a Manage Application instance may include the below.

For details of the various parameter types used, refer to Common Configuration.

Parameter Name Type XML Type Description
See: Common Application configuration
module String Attribute [Required] ManageApp
include.lib String Element [Required] ../apps/manage/lib
parameters Array Attribute [Required] As per Common Configuration Application parameters.
"edr_enabled" - - This value is ignored; the Manage Application does not support writing EDRs.
"ssl" Boolean Attribute Whether or not the management GUI will operate under a secure SSL mode.
If enabled, all traffic is expected via SSL and insecure connections will be rejected.
(Default = 0)
"http_host" String Attribute IPv4 Host Name or A.B.C.D IPv4 Address on which to listen for management requests when ssl is not enabled.
(Default = 0.0.0.0)
"http_port" Integer Attribute IPv4 Port Number on which to listen for management requests when ssl is not enabled.
(Default = 8088)
"https_host" String Attribute IPv4 Host Name or A.B.C.D IPv4 Address on which to listen for management requests when ssl is enabled.
(Default = 0.0.0.0)
"https_port" Integer Attribute IPv4 Port Number on which to listen for management requests when ssl is enabled.
(Default = 8089)
"ssl_cert" String Attribute [Conditional] The file path on disk to the location of the SSL Certificate to use when generating SSL connections. This is required if SSL is enabled. The specified path must be readable by the application user.
"ssl_key" Integer Attribute [Conditional] The file path on disk to the location of the SSL Key to use when generating SSL connections. This is required if SSL is enabled. The specified path must be readable by the application user.
"html_dir" String Attribute Directory containing static resource files for HTML management interface.
(Default = ../apps/manage/html)
"use_cache" Boolean Attribute Whether static files cached forever in memory and never checked for changes.
(Default = YES)
"security" String Attribute Specifies how passwords are encoded. Possible values are:
  • open = administrator access granted to all users without authentication
  • closed = all access is denied
  • plain = passwords are configured without encryption
  • sha1 = passwords are stored as SHA1 hash
  • bcrypt = passwords are stored as Bcrypt hash
(Default = plain)
"admin_password" String Attribute The password for the admin user. For security = open or closed, this password is not used. For security = plain, this is a plaintext password. For other types of security, this is the hashed version of the password including a salt prefix.
If the password is set to an empty string, login with the admin will be disabled.
If any usernames and passwords are defined under config.users, the default admin user will not be available.
(Default = No admin Password)
"user_password" String Attribute The password for the user user. For security = open or closed, this password is not used. For security = plain, this is a plaintext password. For other types of security, this is the hashed version of the password including a salt prefix.
If the password is set to an empty string, login with the user will be disabled.
If any usernames and passwords are defined under config.users, the default user user will not be available.
(Default = No user Password)
"identifier" String Attribute Application name or identifier that is shown in the top left of the management GUI application. This parameter is useful for identifying which N2SVCD instance is being managed in deployments where several may exist. (Default = No Identifier)
config Object Element Container for extended configuration for this Application instance.
.users Array Element Array of user elements defining user information.

User Configuration

Individual users may be configured within the config.users section.

<?xml version="1.0" encoding="utf-8"?>
<n2svcd>
  ...
  <applications>
    ...
    <application name="Manager" module="ManageApp">
      ...
      <config>
          <!-- Overrides "admin_password" and "user_password". -->
          <users>
              <user name="fred" password="LSNb2Q/UBFfpT.hd:gdiyvTHqk+lnJqogbloOBzTGIC8" is_admin="true" />
              <user name="wilma" password="SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg" />
          </users>
      </config>
    </application>
    ...
  </application>
  ...
</n2svcd>

Each user element has the following parameters:

Parameter Name Type XML Type Description
name String Attribute The username for this user to access the system.
password String Attribute The password for this user to access the system. For security = open or closed, this password is not used. For security = plain, this is a plaintext password. For other types of security, this is the hashed version of the password, including a salt prefix. If the password is set to an empty string or not specified, login with this user will be disabled.
is_admin Boolean Attribute Whether the user is an administrator or not. Defaults to false.

Note that if any user definitions are configured, the admin_password and user_password parameters are not used. However, such users may be explicitly defined with matching usernames if required, e.g.:

<users>
    <user name="admin" password="LSNb2Q/UBFfpT.hd:gdiyvTHqk+lnJqogbloOBzTGIC8" is_admin="true" />
    <user name="user" password="SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg" />
    ...
</users>

Generating Hashed Passwords

When using the sha1 and bcrypt methods to store passwords, the value to be written into the database must be generated using the mkpasswd program supplied with the n2svcd daemon. This program is normally installed as /usr/share/n2svcd/bin/mkpasswd.

$ cd /usr/share/n2svcd/bin
$ ./mkpasswd sha1
Password:
Re-Enter:
[Encrypted] = SuLk1c4I3tAEV4lj:TTHJaIHmkGxQKf+4Z3bZE2d48Cg

Example Management Page

An example management page is:

Message Handling

In addition to the common Application management messages, the ManageApp uses the following messages: