You first copy the Version 5 software from the CD-ROM to a UNIX directory … … and then install as normal on the server prior to distibution /usr/my_Version5_software_directory. - презентация

1 You first copy the Version 5 software from the CD-ROM to a UNIX directory … … and then install as normal on the server prior to distibution /usr/my_Version5_software_directory Server /usr/Dassault Systemes/Bn/aix_a

2 You first install and share the Version 5 software on the server … MyEnv … then set up a minimal runtime environment on the client to access Version 5 over the network via a mapped drive Server C:\Program Files\Dassault Systemes\Bn Thin Client

3 From the server, you export the directory /usr/my_Version5_software_directory to the client… … and then, from the client, mount the directory /usr/my_Version5_software_directory on the server via mount NFS, and install Version 5 in /usr/DassaultSystemes/Bn_aix_a /usr/my_Version5_software_directory /usr/Dassault Systemes/Bn/aix_a Client (chopin) Server (ravel) export and mount NFS

4 From the server, you export the directory /usr/DassaultSystemes/Bn/aix_a to the client… … and then, from the client, mount the exported installation directory /usr/DassaultSystemes/Bn/aix_a on the server via mount NFS, and set up a minimal runtime environment on the client to access the Version 5 code over the network /usr/DassaultSystemes/Bn/aix_a Client (chopin) Server (ravel) export and mount NFS /usr/DassaultSystemes/Bn/aix_a The server can be any UNIX code server (AIX/HP-UX/IRIX/Solaris). If the client is AIX, for example, the directory /usr/DassaultSystemes/Bn/aix_a must contain the AIX install files. MyEnv

5 You can copy the software into a folder on one computer, or simply insert the CD-ROM into the drive… … then, on a remote computer, map the drive containing the folder (or the CD- ROM drive directly) and run the StartB batch command to install Version 5 over the network. E:\My_CATIAV5_Folder C:\Program Files\Dassault Systemes\Bn (ravel) Computer where V5 software is accessible (chopin) Computer on which V5 is to be installed

6 You can copy the software into a folder on the source computer, and run the RCMD command from here … … to install the software over the network onto a remote computer. E:\My_CATIAV5_Folder (chopin) Computer on which V5 is to be installed C:\Program Files\Dassault Systemes\Bn (ravel) Computer where V5 software is accessible

7 You first build the archive on the source computer based on the differences between two installed software levels … … then you install the archive on end user (target) computers running the same configurations/products. Source Computer V5Rn GA Target Computer (V5Rn SP1) V5Rn SP2 V5Rn GA + Archive = V5RnSP2 Archive File V5Rn GA + Archive = V5RnSP2

8 VaultClientA properties file VaultClientA Vault1OrbSrv Database Vault1OrbSrv Repository Vault1OrbSrv Server properties file Vault1OrbSrv Vault Server VaultClientZ properties file VaultClientZ VaultCacheOrbSrv Database VaultCacheOrbSrv Repository VaultCacheOrbSrv Server properties file VaultCacheOrbSrv Vault Server VaultCacheOrbSrv Client properties file LAN connection WAN read connection write/refresh connection read write refresh

9 Refresh data Vault Cache in Write Mode Vault Cache Server DB Server DB and File Server DB and File Server In multi-site connected scenario over WAN : Vault cache supports Read/Write access Update Vault Database information over the Wan Update Vault are performed asynchronously over the WAN WAN Read remote data Write remote File data CATIA Client Vault Client ENOVIA VPM V5 Server Vault Server OEMSupplier Write remote database lock Write Asynchronously remote File data Read Write remote database data

10 VaultClientA properties file VaultClientA Vault1OrbSrv Database Vault1OrbSrv Repository Vault1OrbSrv Server properties file Vault1OrbSrv Vault Server

11 Classic Authentification Using SSO and a User Directory (R11) Server WebTop Client ENOVIA LCA Server Server Manager SSO in WAS Repository (LDAP) Authentication against SSO Authorization check and mapping Launch ENOVIA LCA server User = Logical user Steve Description SSO Attributes Logical user ldap user (Steve) LCA user system id enoviaUser (ses) LCA user system password enoviaPassword LCA Windows domain enoviaDomain LCA logical user enoviaRealName P&O User = enoviaUser (ses) Process userid = enoviaUser (ses)

12 Server WebTop Client ENOVIA LCA Server Server Manager SSO in WAS LDAP Authentication against SSO Launch ENOVIA LCA server with $CATRealUser=enoviaRealName User = Logical user Steve P&O User = enoviaRealName Process userid =enoviaUser TOTO (this user is a generic userid declared on the system and shared by all logical users) Drop Dependency on Physical System Userid Authorization check and mapping Description SSO Attributes Logical user ldap user (Steve) LCA user system id enoviaUser (TOTO) LCA user system password enoviaPassword LCA Windows domain enoviaDomain LCA logical user enoviaRealName Authorization check and mapping

13 Client Host Web Application Server Host Web Application Server DB Server Host DB Server ENOVIA Web Application ENOVIA Server Host ENOVIA 3dcom Server ENOVIA Server Manager LDAP Directory Server Host LDAP Directory Server ENOVIA Client ENOVIA VPM Server ENOVIA LCA Server Other Databases LDAP Repository Database IIOPHTTP LDAP Client Side Server Side CATIA V4/V5 Server Settings servlet Settings Repository Database SSO servlet Modular servlet

14 Client Host Web Application Server Host Web Application Server processes DB Server Host DB Server Processes ENOVIA Web Application running SSO servlet ENOVIA 3dcom Server Host ENOVIA 3dcom Server Processes ENOVIA Server Manager Process LDAP Directory Server Host LDAP Directory Server processes ENOVIA Client process WAS Repository Database Settings Repository Database ENOVIA VPM V4 Server Host ENOVIA Server Manager Process ENOVIA VPM V4 Server Processes ENOVIA VPM V5 Server Host ENOVIA Server Manager Process ENOVIA VPM V5 Server Processes Other Databases SSO User Exit Reference Implementation with SSO servlet Default Implementation with LDAP Process forking IIOPHTTP LDAP Client Side Server Side SSO User Exit LDAP Repository Database

15 Figure-1 Connectivity without tunneling A range of ports to open on the firewall : Orbix : 1570, Client Host Server Host Client Host Orbix Daemon Workbook Server Server Manager Settings Server LCA Server LCA client V5 Server Settings Server LCA ServerV5 Server Firewall IIOP

16 Only port 80 is open Client Host Server Host Orbix Daemon Workbook Server Server Manager Settings Server LCA Server Web Server LCA Client V5 Server Redirector HTTPTunnel Server HTTP Tunnel Client HTTP Firewall TunnelStartup HTTP tunneling (1/2)

17 Bastion Host Client Host HTTP Tunnel Proxy Server Host Orbix Daemon Workbook Server Server Manager Settings Server LCA ServerV5 Server Redirector HTTPTunnel Server LCA Client Web Server With a Tunnel Proxy Process in a DMZ HTTP Tunnel Client HTTP Firewall TunnelStartup HTTP tunneling (2/2)

18 Bastion Host S0 Client Host Name resolution setup HTTP Tunnel Proxy Server Host S1 Redirector HTTP Tunnel Server LCA Client HTTP Tunnel Client IP1:80IP0:80,8000 HTTP Firewall Bastion Host External DNS Server Server Host Internal DNS Server 53 S0 IP0 S1 IP0 53 S1 IP1

19 Typical deployment Firewall Server Host S1 (IP1) Tunnel Server -listen 80 orbixd :1570 orbix3.cfg: IT_LOCAL_HOST=lca Server Host S2 (IP2) Tunnel Server -listen 80 orbixd :2570 runENOVVaultServer: java -DOrbixWeb. IT_LOCAL_HOSTNAME=vault Bastion Host External DNS Server :53 lca IP0 vault IP0 S0 IP0 Bastion Host S0 (IP0) Tunnel Proxy -listen 80 -web S0:8000 IP1 lca S1 IP2 vault S2 /etc/hosts: MyHttpProxy HTTP Proxy Server :8080 Client Host Port Redirector LCA Client Logon: Tunnel Client -listen forward S0:80 -proxy MyHttpProxy:8080 corbaProxy.properties: CATProxify=lca:80,vault:80 CATProxyGateway=localhost VaultClient.properties: HostName = vault DaemonPort = 2570 lca:1570

20 Only port 443 is open Client Host Server Host Orbix Daemon Workbook Server Server Manager Settings Server LCA Server Web Server LCA Client V5 Server Redirector SSL Tunnel Server SSL Tunnel Client SSL Firewall TunnelStartup SSL tunneling

21 HTTP Tunneling (1/2) Tunneling through port only Client Host Server Host webstarter Orbix Daemon Workbook Server Server Manager Settings Server V4 Server Web Server Browser V5 Server Redirector HTTP Tunnel Server HTTP Tunnel Client HTTP Firewall HTTP TunnelStartup

22 Bastion Host Client Host HTTP Tunneling (2/2) Reverse Proxy Server Host webstarter Orbix Daemon Workbook Server Server Manager Settings Server V4 Server Web Server V5 Server Redirector HTTP Tunnel Server 80 Browser With a Tunnel Proxy Process in a DMZ HTTP Tunnel Client Firewall HTTP Tunnel Proxy TunnelStartup

23 Bastion Host S0 Client Host Name resolution setup HTTP Reverse Proxy Server Host S1 Redirector HTTP Tunnel Server Browser HTTP Tunnel Client IP1:80,12872IP0:80,13100 HTTP Firewall Bastion Host External DNS Server Server Host Internal DNS Server 53 S0 IP0 53 S1 IP1 webstarter S1 IP0

24 Typical deployment Firewall Bastion Host External DNS Server :53 S1 IP0 S0 IP0 Bastion Host S0 (IP0) Reverse Proxy :13100 forward to S1:12872 IP1 S1 /etc/hosts: MyHttpProxy HTTP Proxy Server :8080 Client Host Tunnel Client -listen forward S0: proxy MyHttpProxy:8080 Server Host S1 (IP1) Tunnel Server -listen orbixd :1570 corbaProxy.properties: CATProxify=S1:12872 CATNoProxify=80 CATProxyGateway=localhost Web Server :80 serverconfig.list: srvcfg_portal_docbase= Browser

25 SSL Tunneling Tunneling through port 443 only Client Host Server Host webstarter Orbix Daemon Workbook Server Server Manager Settings Server V4 Server Web Server Browser V5 Server Redirector SSL Tunnel Server SSL Tunnel Client SSL Firewall HTTP TunnelStartup

26 Errors tracked (1/4) dangling pointers LCA metadata dangling pointers to vault metadata Vault database Dangling pointer ! LCA central database

27 Errors tracked (2/4) dangling pointers Vault metadata dangling pointers to file system Dangling pointer ! Vault databaseVault file system

28 Errors tracked (3/4) unreferenced data Unreferenced vault metadata Vault databaseLCA central database ? Unreferenced data !

29 Errors tracked (4/4) unreferenced data Unreferenced vault file Vault databaseVault file system ? Unreferenced file !

30 3DCOM Client ENOVIA Client Process SSO User Exit ENOVIA 3DCOM Server Host ENOVIA Server Manager Process ENOVIA 3DCOM Server Process SSO User Exit ENOVIA 3DCOM Server Host ENOVIA Server Manager Process ENOVIA 3DCOM Server Process SSO User Exit ENOVIA VPM V5 Server Host ENOVIA Server Manager Process ENOVIA VPM V5 Server Process SSO User Exit Secured Web Server Domain with LTPA Mechanism Web Application Server Host Non Secured SSO Servlet DB Server Host DB Server Processe s WAS Security Repository SSO Credential Repository Other Databases Web Application Server Host Web Application Server process SSO Web Service Secured SSO Servlet SSO User Exit Database Connection HTTP Connection IIOP Connection Client Side Server Side SSO User Exit Implementation using SSOClient (using CATJWSInfra) with JNI Implementation calling SSO Servlet without JVM (and without CATJWSInfra) Fork process SSO User Exit Implementation of the repository of SSO Server SSO User Exit Implementation calling SSO Servlet using JVM without CATJWSInfra Architecture

31 Communication Diagram LCA Server SSOClient Secured Web Application Server WAS Authetication Repository SSO Credential repository SSO Server LCA Database LCA Server needs to access LCA Database 1.1 : http: Authenticate itself with basic authentication: Basic user:password (base 64 encoded) 1.2 : WAS check user:password with its own repository 1.3 : http : return LTPA Token 2.1 : http: ask for DB2 credentials with LTPA Token 2.3 : http: return DB2 credentials 3 Acces to DB2

32 From ENOVIA VPM V5 CD-ROM, install on all clients and on the machine hosting the Web Application Server: One configuration containing VPM Navigator (for example, VDM configuration) Typical Instant Collaboration Setup Domino Sametime ENOVIA LCA server and vault server are OPTIONAL ENOVIA LCA Server ENOVIA Vault Server Collaboration Client WebSphere Application Server Runtime code (VDM) Collaboration Client VDM Mandatory

33 Lotus Instant Messaging and Web Conferencing (Sametime) 7 as Communication Server Client 21 LDAP 3 Collaboration Server: * IBM WebSphere Application Server, Advanced Edition * An HTTP server * IBM DB2 Universal Database * Java Runtime Environment 5 1 Communication Server: * Sametime Server 7 * An LDAP directory server * Java Runtime Environment 5 2 Client software prerequisites: * Java Runtime Environment 5 * If you are using 32-bit Instant Collaboration on Windows, you need to install the following packages on each client: o Microsoft.NET Framework Version 1.1 Redistribution Package o MicrosoftVisual J#.NET Version 1.1 Redistribution Package to allow access to the server via web services 3 3

34 MS Live Communication Server 2005 as Communication Server Collaboration Server: * IBM WebSphere Application Server, Advanced Edition * An HTTP server * IBM DB2 Universal Database * Java Runtime Environment 5 1 Communication Server: * MS Live Communication Server 2005 * An LDAP directory server * Java Runtime Environment 5 2 Client software prerequisites: * RTC SDK 12 * Java Runtime Environment 5 * If you are using 32-bit Instant Collaboration on Windows, you need to install the following packages on each client: o Microsoft.NET Framework Version 1.1 Redistribution Package o MicrosoftVisual J#.NET Version 1.1 Redistribution Package to allow access to the server via web services. 3 3 Client 21 3 LDAP

35 Client Process CATCsb Server Orbix Daemon Server Manager LCA Server TCP redirector Orbix Client Application TCP/IP Socket Client HostServer Host IIOP

36 Firewall Client Host 1 Server Host A Client Process Orbix Daemon LCA Server Server Host B Orbix Daemon VaultClient.properties Orbix.cfg / common.cfg VaultClient.properties B:3570 A B Logon A:1570 CATCsb Server Vault Server Server Manager CorbaProxy.properties CATProxify=A:1570,B:3570 Client Host 2 Client Process IIOP Orbix.cfg / common.cfg

37 Network topology to be addressed Firewall LCA Client 2 Proxy server LCA Client 3 LCA Client 1 LCA Server 1 Reverse Proxy server Firewall DMZIntranet OEM Network Supplier Network LCA Server 2

38 Physical network prototype Proxy server LCA Client3 Reverse Proxy server Reverse Internal domain Router2 Router1 Routing only HTTPS (port 443) + ping @IP4= External domainPublic domain DMZ domain.dmz.com.oem.com.supplier.com LCA Server2 DNS Server DNS Server HTTP HTTPS

39 LCA Server 2 HTTP Tunneling Solution Reverse Proxy LCA Client Orbix Daemon Workbook Server Server Manager Settings Server LCA Server Port Redirector HTTP Tunnel HTTP Tunnel IIOP IIOP/HTTP rules LCA OEM Network Supplier Network LCA Client 3 Reverse Proxy

40 LCA Server 2 SSL Tunneling Solution Reverse Proxy LCA Client Orbix Daemon Workbook Server Server Manager Settings Server LCA Server Port Redirector HTTP Tunnel HTTP Tunnel IIOP IIOP/ HTTPS IIOP/HTTP rules: LCA URL OEM Network Supplier Network LCA Client 3 Reverse Proxy IIOP

41 Physical network prototype Proxy server LCA Client3 Reverse Proxy server Reverse Internal domain Router2 Router1 Routing only HTTP (port 80) + ping @IP4= External domainPublic domain DMZ domain.dmz.com.oem.com.supplier.com LCA Server2 DNS Server DNS Server HTTP

42 Client Host Web Application Server Host Web Application Server DB Server Host DB Server ENOVIA Web Application ENOVIA Server Host ENOVIA LCA Server Code ENOVIA Server Manager LDAP Directory Server Host LDAP Directory Server ENOVIA LCA Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA LCA Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA 3d com Server Code ENOVIA V5 Database LDAP Repository Database LDAP Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WINTOPWEBTOP Vault Server Host ENOVIA_B16 Vault Server Clash Server Host (optional) Clash Server SSO Credentials Web Appli Server optional for Wintop clients

43 Client Host DB Server Host DB Server ENOVIA Server Host ENOVIA LCA Server Code ENOVIA Server Manager ENOVIA Fat Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA Fat Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA 3d com Server Code ENOVIA V5 Database Client Side Server Side Wintop WITHOUT Single Sign-On (SSO) Vault Server Host Vault Server Clash Server Host (optional) Clash Server You can run Wintop applications WITHOUT a web application server…

44 Client Host Web Application Server Host Web Application Server DB Server Host DB Server ENOVIA Web Application ENOVIA Server Host ENOVIA LCA Server Code ENOVIA Server Manager LDAP Directory Server Host LDAP Directory Server ENOVIA Fat Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA Fat Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA 3d com Server Code ENOVIA V5 Database LDAP Repository Database LDAP Client Side Server Side SSO Server Vault Server Host ENOVIA_B16 Vault Server Clash Server Host (optional) Clash Server SSO Credentials Wintop WITH Single Sign-On (SSO) You can run Wintop applications WITH a web application server and benefit from the SSO capability

45 Web Application Server Host Web Application Server DB Server Host DB Server ENOVIA Web Application ENOVIA Server Host ENOVIA LCA Server Code ENOVIA Server Manager LDAP Directory Server Host LDAP Directory Server ENOVIA 3d com Server Code ENOVIA V5 Database LDAP Repository Database LDAP Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WEBTOP Vault Server Host ENOVIA_B16 Vault Server Clash Server Host (optional) Clash Server SSO Credentials Webtop applications MUST be deployed in a web application server, and therefore benefit from the SSO capability

46 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code LCA Navigator Code ENOVIA Server Manager ENOVIA 3d com Server Code 3d com Web Navigator Code Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WEBTOP ENOVIA_B17 In this example, the web application server and the ENOVIA server and Webtop code are on the same machine. SAME MACHINE

47 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code ENOVIA Server Manager ENOVIA 3d com Server Code Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WEBTOP ENOVIA_B17 In this example, the web application server and Webtop code are on one machine, and the ENOVIA server is on another machine. MACHINE AMACHINE B LCA Navigator Code 3d com Web Navigator Code

48 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code ENOVIA Server Manager ENOVIA 3d com Server Code Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WEBTOP ENOVIA_B17 In this example, the web application server and Webtop code are on one machine, and the ENOVIA server is on another machine. MACHINE AMACHINE B LCA Navigator Code 3d com Web Navigator Code UNIX install_path/$os/resources/sso/SSOClient.properties install_path/$os/resources/sso/SSOServer.properties Windows install_path\$os\resources\sso\SSOClient.properties install_path\$os\resources\sso\SSOServer.properties

49 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code ENOVIA Server Manager ENOVIA 3d com Server Code Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WEBTOP ENOVIA_B17 In this example, the web application server and Webtop code are on one machine, and the ENOVIA server is on another machine. MACHINE AMACHINE B LCA Navigator Code 3d com Web Navigator Code install_path/$os/code/dictionary/CATSSO.dictionary (UNIX) install_path\$os\code\dictionary\CATSSO.dictionary (Windows) … export CATJWSServiceDirectory/CATLoginServletHost/CATSMWebMode variables in shell launching the ServerManager … install_path/$os/startup/sso/ServerManagerPwd or ServerManagerUser (UNIX) install_path\$os\startup\sso\ServerManagerPwd or ServerManagerUser (Windows) UNIX install_path/$os/resources/sso/SSOClient.properties install_path/$os/resources/sso/SSOServer.properties Windows install_path\$os\resources\sso\SSOClient.properties install_path\$os\resources\sso\SSOServer.properties

50 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code ENOVIA Server Manager ENOVIA 3d com Server Code Client Side Server Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator 3d com Web Navigator LCA Navigator 3d com Web Navigator WEBTOP ENOVIA_B16 MACHINE AMACHINE B LCA Navigator Code 3d com Web Navigator Code Client Host ENOVIA LCA Client 3d com Classic VPM Navigator (on CATIA client) ENOVIA LCA Client 3d com Classic VPM Navigator (on CATIA client) WINTOP UNIX install_path…startup.properties install_path…logon.properties install_path…VPMlogon.properties install_path/$os/code/dictionary/CATSSO.dictionary (UNIX) install_path\$os\code\dictionary\CATSSO.dictionary (Windows) … export CATJWSServiceDirectory/CATLoginServletHost/CATSMWebMode variables in shell launching the ServerManager … install_path/$os/startup/sso/ServerManagerPwd or ServerManagerUser (UNIX) install_path\$os\startup\sso\ServerManagerPwd or ServerManagerUser (Windows) UNIX install_path/$os/resources/sso/SSOClient.properties install_path/$os/resources/sso/SSOServer.properties Windows install_path\$os\resources\sso\SSOClient.properties install_path\$os\resources\sso\SSOServer.properties

51 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code LCA Navigator Code ENOVIA Server Manager Client Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator ENOVIA_B16 End user loads the ENOVIAPortal URL in a browser, and logs on using an LDAP identity, for example: Username: SMQ Password: SMQ The browser connects to the WAS using the credentials: SSO Username: SMQ P&O Username: SMQ OS User who starts LCA server: SES Password of OS User who starts LCA server: XXXXX SSO has been activated by editing ONLY the SSOServer.properties and SSOClient.properties files SSO Token not propagated!!! LDAP userid and P&O Username are the same, an application session is started, but the SSO token is not propagated. Consequently, the object creator will be the OS user who started the LCA server manager. SCENARIO 1: SSO IS NOT ACTIVATED

52 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code LCA Navigator Code ENOVIA Server Manager Client Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator ENOVIA_B16 End user loads the ENOVIAPortal URL in a browser, and logs on using an LDAP identity, for example: Username: SMQ Password: SMQ The browser connects to the WAS using the credentials: SSO Username: SMQ P&O Username: SMQ OS User who starts LCA server: SES Password of OS User who starts LCA server: XXXXX SSO has been activated fully on the server side (all necessary variables have been exported) SSO Token is correctly propagated LDAP userid and P&O Username are the same, an application session is started, but this time the SSO token is propagated correctly. Consequently, the object creator will be the P&O user, not the OS user who started the LCA server. SCENARIO 2: SSO IS CORRECTLY ACTIVATED

53 Web Application Server ENOVIA Web Application ENOVIA Server ENOVIA LCA Server Code LCA Navigator Code ENOVIA Server Manager Client Side SSO Server Client Host A browser is used to access the following web applications deployed in the web application server (no code is installed): LCA Navigator ENOVIA_B16 End user loads the ENOVIAPortal URL in a browser, and logs on using an LDAP identity, for example: Username: SMQ Password: SMQ The browser connects to the WAS using the credentials: SSO Username: SMQ P&O Username: SES OS User who starts LCA server: root Password of OS User who starts LCA server: XXXXX SSO has been activated by editing ONLY the SSOServer.properties and SSOClient.properties files SSO Token not propagated!!! P&O Username and OS User who starts LCA server are different, a session is started, but it is impossible to continue, demonstrating that the SSO token is not propagated, so the LCA server is NOT activated in SSO mode SCENARIO 3: SSO IS NOT ACTIVATED, BUT IMPOSSIBLE TO CONTINUE

54 Install CATIA V5 on each client From ENOVIA VPM V5 CD- ROM, install on each client one configuration containing VPM Navigator (DER or VDM configuration) Deploying ENOVIA V5 VPM ENOVIA LCA Server ENOVIA Vault Server CATIA V5 Client DER/VDM