The Sentinel Express provisioning module is distributed as a Rhino Element Manager (REM) plugin.

It requires REM 2.7.0 or compatible. REM can be installed with Jetty or Apache Tomcat. For Sentinel Express, the Apache Tomcat method is required.

To install the Sentinel Express Provisioning module you will need:

Below are the procedures to:

Important
REM restart required

After installing and configuring the plugin, you will need to restart REM, for example by restarting the Tomcat webapp it is running in:

${CATALINA_BASE}/bin/catalina.sh stop
${CATALINA_BASE}/bin/catalina.sh start

Set up Tomcat

To set up Apache Tomcat for the Sentinel Express Provisioning module:

1

Follow the instructions for running REM on Apache Tomcat in the REM Guide.

2

Create the rem_home/plugins directory.

cd apache-tomcat-<version>
mkdir -p rem_home/plugins

Install the REM plugin

To install the REM plugin for the Sentinel Express Provisioning Module:

1

Copy sentinel-express-element-manager-<version>.em.jar into rem_home/plugins.

cd apache-tomcat-<version>
cp /full/path/to/sentinel-express-element-manager-<version>.em.jar rem_home/plugins/

2

(Optional) Copy sis-em-<version>.em.jar into rem_home/plugins.

cd apache-tomcat-<version>
cp /full/path/to/sis-em-<version>.em.jar rem_home/plugins/

Customize plugin logging

1

Unzip log4j2.properties from rem.war:

cd apache-tomcat-<version>
mkdir rem-tmp
cd rem-tmp
unzip ../webapps/rem.war WEB-INF/classes/log4j2.properties

2

Edit WEB-INF/classes/log4j2.properties with this content:

rootLogger.level=INFO
rootLogger.appenderRef.console.ref=CONSOLE
rootLogger.appenderRef.file.ref=FILE

appender.CONSOLE.type=Console
appender.CONSOLE.name=CONSOLE
appender.CONSOLE.layout.type=PatternLayout
appender.CONSOLE.layout.pattern=%d{ABSOLUTE} %-5p <%t> [%c] %m%n

appender.FILE.type=RollingFile
appender.FILE.name=FILE
appender.FILE.filename=${rem.home}/rem.log
appender.FILE.layout.type=PatternLayout
appender.FILE.layout.pattern=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p <%t> [%c] %m%n

logger.rem.name=rem
logger.rem.level=INFO
logger.openjpa.name=openjpa
logger.openjpa.level=INFO
logger.wink.name=org.apache.wink
logger.wink.level=INFO

# Uncomment for subscriberdata cache eviction logging
#logger.subscriberdatacache.name = rem.server.sentinel.subscriberdata.cache
#logger.subscriberdatacache.level = TRACE

logger.audit.name=sentinel.audit
logger.audit.level=INFO
logger.audit.additivity=false
logger.audit.appenderRef.audit.ref=AUDIT

appender.AUDIT.type = RollingFile
appender.AUDIT.name = AUDIT
appender.AUDIT.fileName = ${rem.home}/sentinel-audit.log
appender.AUDIT.layout.type = PatternLayout
appender.AUDIT.layout.pattern = "%d{yyyy-MM-dd HH:mm:ss,SSS}", "%c{1}", %m%n

3

Replace WEB-INF/classes/log4j2.properties in rem.war:

zip ../webapps/rem.war WEB-INF/classes/log4j2.properties

4

Remove temporary files:

cd ..
rm -rf rem-tmp

Import Rhino trust certificate

This can also be done using the REM web UI.

1

Import a Rhino Trust Certificate into REM:

"${JAVA_HOME}/bin/keytool" -importcert -file ${RHINO_HOME}/rhino-trust.cert -keystore "${TOMCAT_HOME}/rem_home/rhino-ems.ks" -storepass changeit -noprompt

Security considerations

Below are recommendations for securely running the Sentinel Express Provisioning Module.

Use https

Be aware that the Sentinel Express machine API uses HTTP BASIC authentication. This passes the username and password with every request.

To prevent your credentials going over the network unencrypted, run REM over https.

Set up SSL

See the Tomcat 7 - SSL How-To docs for help setting up SSL in Apache Tomcat 7.

Previous page Next page
Sentinel Express Version 3.1.0