CMDBWS and WS-Security
Because CMDBWS does not support any WS-Security features, none of the default WS-Security policies are applied to CMDBWS. Also, you cannot apply the supported WS-Security policies to CMDBWS.
Any changes made to the policies and keystores as described in other sections affect only BMC Atrium Core Web Services 7.5.00 and later.
Products that have an existing integration with CMDBWS might not be able to use CMDBWS if you enable SSL using the procedure described in Enabling SSL for transport-level encryption for CMDBWS If, after SSL is applied to the CMDBWS, you encounter any issues with BMC products integrated with BMC Atrium CMDB using CMDBWS , you might have to return the CMDBWS to its former configuration without SSL.
CMDBWS is the deprecated Web Services that was released in BMC Atrium CMDB 2.1. To support CMDBWS in the Axis2 implementation, the Web application is a modified Axis2-based WAR distribution and contains the CMDBWS Web Service archive prebuilt into it. This Web application should be installed into the same Tomcat instance as the Atrium Web Application. If you need to reinstall or redeploy into that Tomcat instance, the packaged cmdbws.war file is installed in <BMCAtriumCoreInstallationDirectory>/wsc/atriumws91/archives/.
The cmdbws.war file includes the following custom module:
BMCAtriumWSPrerequisiteChecker — This module is globally referenced in the atriumws91.war distribution and affects access to all service endpoints. This module checks that prerequisites are met for BMC Atrium Core services to run in Tomcat:
- the CMDB APIs are accessible in a shared lib path in Tomcat
- the JNI shared native libraries are loadable in Tomcat
- the Java version is either 1.5 or 1.6,
- the JRE or JDK is 32-bit.
The installation verifies these prerequisites, so this module is included to check if anything has changed in the Tomcat configuration since installation that would affect these prerequisites. If the prerequisites do not pass, a SOAP:Fault message is sent as a response from the Web Services that describes the failures.
Apache Axis2 WAR Distribution modifications for CMDBWS
The Axis2 WAR is the primary component of the CMDBWS Web Application Archive and has the following modifications:
- WEB-INF/web.xml — Modified to remove access to the Axis2 Administration Console, which the CMDBWS WAR does not use. Also, endpoints use the following format:
This change matches what existing BMC products expect so that they can integrate with BMC Atrium Core through CMDBWS.
<servlet>element for AxisAdminServlet has been commented out.
<servlet-mapping>element for AxisAdminServlet has been commented out.
- The existing
<servlet-mapping>element for the AxisServlet is mapped to
/services/, and a new element maps to
/server/. These changes ensure that the CMDBWS meets the requirement format for endpoints.
- WEB-INF/conf/axis2.xml — Modified to fit the wanted operational configuration for BMC Atrium Web Services and, like web.xml, to meet the requirement format for endpoints.
servicePathparameter is no longer commented out and has been changed from services to server. This change ensures that the CMDBWS meets the requirement format for endpoints.
passwordparameters have been commented out. With the WEB-INF/web.xml changes, these parameters are not necessary.
hotupdateparameter has been changed from false to true. The CMDBWS is a standalone bundle, and you cannot deploy other Web Service archives into it.
DrillDownToRootCauseForFaultReasonparameters both changed from false to true. These changes enable detailed stack traces accompanying faults to be sent with the SOAP fault responses at runtime.
messageBuilderclass name, where
application/xml, is changed from ApplicationXMLBuilder to SOAPBuilder. For more details about this change, see section 4.2 defined in .
disableSOAP12parameters changed from false to true. BMC Atrium Web Services does not support Axis2's REST option to send and receive responses without the SOAP envelope, and only SOAP 1.1 is currently supported in SOAP requests and responses.
- The existing HTTP transportReceiver is replaced with a transportReceiver declaration absent a declaration for the HTTP port. Additionally, an HTTPS transportReceiver is added absent a declaration for the HTTPS port. Both of these are mapped to the AxisServlet class. These sections indicate that the Atrium WAR depends on the Tomcat configured connectors.
- The reference to the WS-Addressing module is removed. CMDBWS does not support WS-Addressing.
- A new custom phase (BMCPrerequisitesPhase) is added to the
InFlow phaseOrderdeclaration immediately before the Security phase. The BMCAtriumWSPrerequisiteChecker custom module uses BMCPrerequisitesPhase to order the prerequisite checks before security phases are encountered.
The Axis2-based implementation of CMDBWS does not share runtime properties with BMC Atrium Web Services, and you do not configure it through Atrium Service Configuration Service. Instead, CMDBWS has its own properties file: <BMCAtriumCoreInstallationDirectory>\wsc\cmdbws directory\cmdbws.properties.
The CMDBWS implementation reads this file each time an operation is called. CMDBWS immediately picks up any property changes in the Web service without restarting the server.
The BMC Atrium Core installer configures the correct values for the properties. The following table describes the CMDBWS properties
The hostname of the AR Server/CMDB to be accessed by the Web services.
The port number of the AR Server/CMDB to be accessed by the Web services.
The default RPC queue number to be used in accessing the CMDB. This is a global configuration. Client applications cannot set their own values for this property. The default queue number is 0.
The default locale to be used by AR Server/CMDB for its human readable status or fault messages. This value can be specified by a client in each operation exposed by the core Web services, but if that value is not passed in at that time, the value specified here is used as the default. Messages specific to CMDBWS are not localized as they are in Atrium Web services, so this setting has no effect on those but rather only on messages from the AR and CMDB. The default locale is en.
The default timezone to be used in accessing the AR Server/CMDB. The default value is 0.
The normal timeout value to be used in accessing the AR Server/CMDB. This is a global configuration. Client applications cannot set their own values for this property. The default value is 0.
The long timeout value to be used in accessing the AR Server/CMDB. This is a global configuration. Client applications cannot set their own values for this property. The default value is 0.
The extra long timeout value to be used in accessing the AR Server/CMDB. This is a global configuration. Client applications cannot set their own values for this property. The default value is 0.
The level at which the CMDBWS should log itself. Log messages are written to standard out, meaning that those messages should be included in the console window of Tomcat or one of its standard out logs. Possible values are INFO, ERROR, WARN, DEBUG, and TRACE. The default log level is WARN.