Configuring Temenos Workbench

This section provides details about the configuration of Transact area and Keycloak Authentication Service.

NOTE: For Windows, Apache Tomcat 9.0 QuantumFabric_SVC and MySQL57 services are installed and by default, they are automatically started during Windows start up. If needed, you can configure them to start manually. In such case, start MySQL first followed by Quantum Fabric. You need to ensure Quantum (Fabric and its associated database) is started. It can take a few minutes to have Fabric service started.

When downloading a new release of Temenos Workbench you need to,

  • Modify the global variables in the …\workbench-cli-202010.0.2\appJs.properties file according to the system requirements .
  • Run the deploy.cmd file after placing the new dsfworkbench-202010.0.2.zip file in …\workbench-cli-202010.0.2.

If you open Temenos Packager or Rules Manager in Temenos Workbench using Chrome and get an application error, you need to change the default behaviour of cookies in Chrome.

DSF’s Package Manager and Rule Manager are embedded in the DSF workbench, and requests are made cross-site (DSF workbench to DSF), which is by default not supported by Chrome.

To enable the cross-site support in Chrome, you need to,

  1. Update appJs.properties with AppServer.host.url=workbench:9089
  2. Execute C:\Temenos\WorkbenchDev\workbench-cli-DEV.0.0-SNAPSHOT\deploy.cmd
  3. Clean up Chrome cache (chrome://settings/clearBrowserData?search=cache)

During the installation process, you need to create two users, one each for,

  • Quantum server console on which Temenos Workbench is deployed and
  • Temenos Workbench login

Configuring Transact Area

This section explains all the configurations or installations required to setup Transact in Workbench.

Temenos Packager

Refer the Temenos Workbench Installation guide for the configuration of Temenos Packager.

Transact Explorer Application

For the Transact Explorer screens to run in Temenos Workbench, you need to deploy tb-server.war file (delivered with Temenos Workbench) in the application server (JBoss, WebSphere and so on).

Linking Application Server and Database with Quantum On-Prem Fabric

You need to link Quantum Fabric with an application server (JBoss, Tomcat and so on) and database (Maria DB, MySQL and so on) based on the requirements.

To link the application server and database,

  1. Install the Quantum Fabric in the Windows machine. Refer Quantum Fabric Install Guide for Windows to install Quantum Fabric V9.
  2. Login to the Fabric console using valid credentials. For example, sample URL for console is http://<host>:<port>/mfoconsole.
  3. Start the application server and database that needs to be associated with the fabric.

  4. Click ADD NEW from the console dashboard.

  5. Enter the Environment Name (for example, MyEnv) and http://<host>:<port> in URL.
  6. Click TEST CONNECTION to verify the added server.
  7. Click SAVE to save the configurations.

Configuring Keycloak Authentication Service

Keycloak authentication enables single sign-on authentication to the application. This section provides the details on how to set up the Keycloak server and configure Keycloak client.

Setting up Keycloak Server

To set up the Keycloak server,

  1. Go to https://www.keycloak.org/downloads folder and download the latest ZIP file from the server section, and extract the same.

  2. Go to \keycloak-11.0.3\standalone\configuration
  3. Open standalone.xml and modify the ports (as highlighted in the below screen capture). This port is different from that of the Fabric and Application server.

  4. Go to <Keycloak_Installation_Folder>\bin and run the standalone.bat file to start the JBoss server. The Keycloak is set up successfully.

Configuring Keycloak Client

To configure Keycloak client,

  1. Start the JBoss server and open the Keycloak web application using http://localhost:8180/auth/.
  2. Login to the administration console as admin/admin.
  3. Create a new client for the Temenos Workbench application that needs to be authenticated through Keycloak.
  4. Open Keycloak and click Add Realm.

  5. Enter WorkbenchAgent in Name and click Create.

  6. Open the created realm and click Realm Settings > General.
  7. Enter Name and Display name and click Save.

  8. Click Clients > Settings and enter the following values in the respective fields.
    • Client ID: Workbench
    • Client Protocol: openid-connect
    • Access Type: public
  9. Enter the following configurations according to the host and port you have defined in the Fabric.
    • Root URL: http://<dns_name>:<port>/apps/dsfworkbench
    • Valid redirect URLs: http://<dns_name>:<port>/authService/100000002/oauth2/callback. This is the URL provided by the OAuth2.0 Identity Service in Fabric.
    • Base URL: http://<dns_name>:<port>/apps/dsfworkbench
    • Admin URL: http://<dns_name>:<port>/apps/dsfworkbench
    • Web Origins: http://<dns_name>:<port>
    NOTE: In the above configurations, <dns_name> can be hostname/machinename/ipaddress/localhost and <port> refers to the port on which your Fabric is running.
  10. Enter RS256 in Access Token Signature Algorithm and ID Token Signature Algorithm under Fine Grain OpenID Connect Configuration.

  11. Click Roles > Realm Roles and click Add Role.

  12. Enter WorkbenchAdmin as Role and click Save.

  13. Click Users > Details to create a new Transact user that has to be authenticated through Keycloak. For example, INPUTT can be set as the user.
  14. Enter the required field details as shown in the below screen capture and click Save.

  15. Enter the password for the user created in the Credentials tab.

  16. Map the WorkbenchAdmin role to the user created in the Role Mappings tab.

  17. Repeat the steps to create a developer user and set the WorkbenchDeveloper role to the user.

    Keycloak is configured successfully. You can use the credentials configured in Keycloak to login to Temenos Workbench.

Expand/Collapse
Share
Print

In this topic

Copyright © 2020- Temenos Headquarters SA

Published on :
Saturday, April 30, 2022 3:51:46 PM IST

Feedback
x