Portal

If you a closed system with no internet access BridgeGate will be unable to check for new versions of the software.

You will see an error message says trying to get latest service pack from internet every hour. [com.oidev.bridgegate.BridgeGateController] retrieveLatestServicePackLocation() unable to get LatestServicePackLocation from http://www.bridgegatedev.com/software/9.0/currentsplocation.html

This check can be disabled by adding CHECK_SVC_PACK=”FALSE” to the bridgegate.xml under the BRIDGEGATE_CLUSTER element.

<BRIDGEGATE_CLUSTER BIND=”192.168.*.*” FAILOVER=”FALSE” NAME=”BG-SMS” PING_RATE=”30000″ SP_DEPLOY_TIMEOUT_IN_MINS=”5″ CHECK_SVC_PACK=”FALSE” />

To Turn on logging of Bridgegate clustering you need to enable Hazelcast logging.  First verify the bridgegate\bin\bg_service.conf contains the following -D options

wrapper.java.additional.26=-Dhazelcast.logging.type=slf4j

Or on Linux make sure the /bridgegate/bin/runbridgegate has the following JAVA Opt

JAVA_OPTS=”${JAVA_OPTS}-Dhazelcast.logging.type=slf4j”

You then can enable it from the Server Management Page and Server Log Tab inside it, from the bridgegate portal. Alternately, edit the file conf/log4j.xml file in the Bridgegate Home. Locate the element category with attribute name com.hazelcast. The priority value can be changed from OFF to INFO or DEBUG.

<category name="com.hazelcast"> 
<priority value="OFF"/> 
<appender-ref ref="HAZELCAST" /> 
</category>

The BridgeGate users passwords have a minimum eight chars long with upper and lower case letters, numbers.    The user passwords are the same for portal, FTP, SSH, SFTP and all other related BridgeGate services the user has permissions to access. Note: This can be replaced with using LDAP or other authentication systems.

The Portal/Operations/Transaction  page uses Java Script.  Under certain circumstances old Java Script files may exist which could affect the transaction search results.  This occurs mostly using IE.  Try deleting the existing IE Browser Java Script files via the following, restart the browser and perform your search again.

Internet Options/General Tab/Browsing History/select the Settings Button

In the Temporary Internet Files tab, select the View Files button.

In the window, select view details and sort by Type.

Scroll down to the Java Script File types and delete the Java Script Files.

Effective BridgeGate Version 8.0.6, System Schedules will no longer be administered via the BridgeGate.xml. The System Schedules are now maintained via the Portal on the Administration>Server Management->BridgeGate System Schedules tab.

For example:  If your bridgegate server is running on port 8081 and you want the external URL to be     http://dev.bridgegatehealth.com     You can create a Virtual Host in apache to act as a proxy

<VirtualHost *:80> ProxyPreserveHost On ProxyPass        “/” “http:// YOUR_INTERNAL_IP:8081/” ProxyPassReverse “/” “http://YOUR_INTERNAL_IP:8081/” ServerName dev.bridgegatehealth.com </VirtualHost>

Many more options and details can be found on the httpd.apache.org website.

The answer is that there are several options, each with their own trade-offs. Let me explain the best options to you, and you can choose the best one for your environment. 

I.  Increase maxThreads

The server.xml is configured such that the HTTP connector on port 8080 has a setting maxThreads=”300″.  However, the AJP 1.3 connector, which is the connector from httpd (mod_jk), is configured with the default thread count.  Increasing this thread count will increase the number of transactions actually running in parallel at any given time, but it may cause additional memory to be used. 

Note that the memory size reported in either Task Manager or BridgeGate is not necessarily indicative of the actual amount of memory being used at any given time. This is due to the generational memory management of the Java Virtual Machine. Basically, the JVM may be holding onto 3.6GB of memory, but may be using only a small fraction of that at any given time. The only way to really be sure how much memory is being used is by attaching a profiling application, such as jvisualvm, jstat, or any of a number of other profilers. 

The bottom line is that this setting will increase concurrent processing, but may use additional memory to do so. 

II. Increase backlog

The other option is increasing the size of the “backlog” setting on the AJP connector. This setting is analogous to the “acceptCount” setting on the HTTP connector (see http://tomcat.apache.org/tomcat-5.5-doc/config/ajp.html). When all threads are in use, the system will stil accept up to this count of connections, which will wait for free threads to process. 

Increasing this setting would keep the connections from being refused, but each additional connection sitting in the queue will wait for processing. Depending on how long they wait, the time to process may be longer than your SLA will allow.  

In BridgeGate Version 7 and 8, you can alter the file server/conf/web.xml: 

<!-- ==================== Default Session Configuration ================= -->
<!-- You can set the default session timeout (in minutes) for all newly   -->
<!-- created sessions by modifying the value below.                       -->
  <session-config>
      <session-timeout>30</session-timeout>
  </session-config>

The same setting exists in 6.0, but the file is jboss/server/bridgegate/system/jbossweb-tomcat55.sar/conf/web.xml

View full Server Config docs

Disabling SSL3 in BridgeGate  should be pretty straightforward.  The server/conf/server.xml file contains a block that describes the SSL port configuration. Specifically, there is a setting that indicates the protocol, which by default reads sslProtocol=”TLS”.  Apparently, this is not entirely true,because it will roll back to SSL3.  

To get around this, you must specify the enabled protocols.  You can set this using the sslEnabledProtocols setting in that block, as shown in this configuration:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false"
           sslProtocols = "TLS" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
           keystoreFile="C:/certificates/keystore.jks"
           keystorePass="P@55w0rD"  />

This is slightly different in BridgeGate 6.  The sslEnabledProtocols configuration was added in Tomcat 7, but there is an undocumented similar setting for BG6.  In the jboss/server/bridgegate/system/jbossweb-tomcat55.sar/server.xml file, add the protocols option as in the following:

<!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
<Connector port="8443" address="${jboss.bind.address}"
     maxThreads="300" strategy="ms" maxHttpHeaderSize="8192"
     emptySessionPath="true"
     scheme="https" secure="true" clientAuth="false" 
     keystoreFile="keystore.jks"
     keystorePass="password" sslProtocol = "TLS" protocols="TLSv1,TLSv1.1"/>

If you have openssl installed on your system, you can verify SSL3 is disabled by running the following: 

openssl s_client -ssl3 -connect  <host>:8443

While the following should work:

openssl s_client -tls1 -connect <host>:8443

Modify the urlrewrite.xml located at \bridgegate\conf to have the rule.  Note make sure ampersands (“&”) properly encoded, as follows:

     <rule>
          <from>/report-856$</from>
          <to type="forward">/portal/executeworkflow?accountName=hsn&amp;wfGroupName=adhoc&amp;wfName=856trans_from_today</to>
    </rule>

 

I was thinking it would be cool to use BridgeGate as a reporting tool.  To do that I would need to have the workflow executed on Demand with a URL which I know can be done?

The other think I didn’t know is if a variable could be entered as part of the url or could be promoted. 

 I.E.  A report that would be configured to run by different catalog code and the user would provide the code.

— Answer —

The easiest way would be setting up a WF with the BridgeGateHTTP Adapter with ‘Enable Workflow to be Executed as a Service’.

Create New In-Values with the ‘Add to Workflow Session’ selected to receive the values you want to receive into the Workflow.

The URL Preview will add the new URL parameter for use.

http://[SERVER_URL]/portal/executeworkflow?accountName=samples&wfGroupName=sample1&wfName=test_wf&catalog_code=[SESSION_VALUE]

http://localhost:8080/portal/executeworkflow?accountName=samples&wfGroupName=sample1&wfName=test_wf&catalog_code=123456

To enable TLSv1.2 to be used as the default, add the following to the bg_service.conf:

wrapper.java.additional.40=-Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1

• Authentication : This specifies whether Authentication should be performed and if so what type.
  • NONE : No authentication will be performed by this BridgeGate Web Service.
  • BASIC : Choosing BASIC will reveal inputs for user name and password. These values will be stored in the workflow for comparison against values provided in the request as follows:
    • The BridgeGate Web service will use the inbound SOAP header to identify the username and password to use for authentication.
    • BridgeGate will look for ‘Username’ and ‘Password’ in the SOAP header.
    • The Username field is assumed to be plain text.
    • The Password field is assumed to be base64 encoded.
  • BRIDGEGATE : The BridgeGate Web Service will authenticate the values provided in the request against the BridgeGate Users as follows:
    • The BridgeGate Web service will use the inbound SOAP header to identify the username and password to use for authentication.
    • BridgeGate will look for ‘Username’ and ‘Password’ in the SOAP header.
    • The Username field is assumed to be plain text.
    • The Password field is assumed to be base64 encoded.
    • The username and password will be authenticated against the BridgeGate Users and the Users must have BridgeGate Web Service portal permissions.

Our BridgeGate server will not start. The first exception in the stack trace is this:

Caused by: java.net.BindException: Address already in use: JVM_Bind

 Which indicates that something is already using one of the ports you are trying to open.  Specifically (the next element up the chain):

Caused by: java.net.BindException: Address already in use: JVM_Bind <null>:80

 So, port 80 is in use by something that is not BridgeGate. Now, trying to find what is running on port 80:

netstat -ano | find “:80”

yields:

TCP    0.0.0.0:80     0.0.0.0:0     LISTENING     4

You may have IIS or another webserver running on this server.   We recommend installing Bridgegate Webserver on port 8080 

Review server configuration