The Sentinel Express provisioning module is distributed as a Rhino Element Manager (REM) plugin.
It requires REM 1.5.0 or compatible. REM can be installed with Jetty or Apache Tomcat. For Sentinel Express, the Apache Tomcat method is required.
To install the Sentinel Express Provisioning module you will need:
-
the REM distribution package —
rhino-element-manager-<version>.zip
; expanded to a location of your choice -
an Apache Tomcat installation — either downloaded and configured manually, or installed via a package manager; minimum supported version is
7.0.39
-
the Sentinel Express REM plugin —
sentinel-express-element-manager-<version>.em.jar
Below are the procedures to:
Set up Tomcat
To set up Apache Tomcat for the Sentinel Express Provisioning module:
1 |
Follow the instructions for running REM on Apache Tomcat in the REM Guide. |
---|---|
2 |
Create the cd apache-tomcat-<version> mkdir -p rem_home/plugins |
Install the REM plugin
To install the REM plugin for the Sentinel Express Provisioning Module:
1 |
Copy cd apache-tomcat-<version> cp /full/path/to/sentinel-express-element-manager-<version>.em.jar rem_home/plugins/ |
---|
Customize plugin logging
1 |
Unzip cd apache-tomcat-<version> mkdir rem-tmp cd rem-tmp unzip ../webapps/rem.war WEB-INF/classes/log4j.properties |
---|---|
2 |
Edit log4j.rootLogger=INFO, FILE, CONSOLE log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout log4j.appender.CONSOLE.layout.ConversionPattern=%d{ABSOLUTE} %-5p <%t> [%c] %m%n log4j.appender.FILE=org.apache.log4j.FileAppender log4j.appender.FILE.File=${rem.home}/rem.log log4j.appender.FILE.layout=org.apache.log4j.PatternLayout log4j.appender.FILE.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p <%t> [%c] %m%n log4j.logger.rem=INFO log4j.logger.openjpa=INFO log4j.logger.org.apache.wink=INFO # Uncomment for subscriberdata cache eviction logging #log4j.logger.rem.server.sentinel.subscriberdata.cache=TRACE log4j.logger.sentinel.audit=INFO, AUDIT log4j.additivity.sentinel.audit=false log4j.appender.AUDIT=org.apache.log4j.FileAppender log4j.appender.AUDIT.File=${rem.home}/sentinel-audit.log log4j.appender.AUDIT.layout=org.apache.log4j.PatternLayout log4j.appender.AUDIT.layout.ConversionPattern="%d{yyyy-MM-dd HH:mm:ss,SSS}", "%c{1}", %m%n |
3 |
Replace zip ../webapps/rem.war WEB-INF/classes/log4j.properties |
4 |
Remove temporary files: cd .. rm -rf rem-tmp |
Import Rhino trust certificate
This can also be done using the REM web UI.
1 |
Import a Rhino Trust Certificate into REM: "${JAVA_HOME}/bin/keytool" -importcert -file ${RHINO_HOME}/rhino-trust.cert -keystore "${TOMCAT_HOME}/rem_home/rhino-ems.ks" -storepass changeit -noprompt |
---|
Security considerations
Below are recommendations for securely running the Sentinel Express Provisioning Module.
Use https
Be aware that the Sentinel Express machine API uses HTTP BASIC authentication. This passes the username and password with every request.
To prevent your credentials going over the network unencrypted, run REM over https.
Set up SSL
See the Tomcat 7 - SSL How-To docs for help setting up SSL in Apache Tomcat 7.