Admin Guide

Last modified by stephane lauriere on 2015/10/20 17:10

  1. Introduction
  2. Emerginov management
    1. Todo list
    2. Manage users
    3. Manage projects
  3. Tools
    1. VoIP
    2. Projects API
    3. Open Service Access (OSA) Appliance
    4. PhpMyAdmin
    5. Publish projects APIs as plateform APIs
      1. Enabled private restricted access to API
      2. Publish the API on API Shop
      3. Allow access form Internet

Introduction

An Emerginov Administrator is a person who will validate the users and the projects and ensure that the platform is working fine.

Most of the operations are done through a dedicated web interface (http://<YourEmerginov>/admin).

You need to have special rights to access to this portal.

Emerginov management

The creation of users can be done only by the administrator though the web portal.

Log on on the admin portal https://<your Emerginov/admin/.

The default admin credentials are defined during the installation of the platform. You must authenticate and be part of the admin group.

The authentication page is firstly displayed (accept the SSL certificates)

admin1.png

Todo list

Once authenticated, the admin page shall be displayed:

admin2.png

The default page is the Todolist page where the actions initiated from the users expected (project validation) from the administrator are displayed.

Manage users

The users can be created only the the administrator. The user creation is very basic, 3 parameters are expected:

  • login
  • password
  • email address

admin5.png

You can see the different users on the system in the Manager users section.

If you click on any of the users, you can have access to additional information:

  • creation date (activity)
  • the projects the person is involved in (with a star for the projects he/she is leader)

admin6.png

The admin cannot reset the password from the admin interface but the user can do it through the self-care page.

Manage projects

The administrator can access to the project page.

admin4.png

If you click on one of the project, you get details on the selected project.

  • status (deployed / undeployed)
  • description
  • members of the project (the project leader is identified by a star)

admin7.png

it is possible to remove members from an existing project.

Tools

4 menus are defined in the section tools:

  • VoIP
  • Projects API
  • Appliance
  • PhpMyAdmin

VoIP

The VoIP admin interface is based on opensips-cp.

It is mainly used to:

  • connect PSTN numbers to vocal services
  • manage the diaplan for the IP 2 PSTN calls
  • manage VoIP users

One of the most common admin operation consists in assigning a routable number from your routable number pool to a project. Every vocal project on Emerginov can be reached via a VoIP client, but it really starts making sense when the service become available from a GSM device. As the routable numbers are rare resources, they are attributed manually.

The administrator of the platform must

  • login on the Emerginov admin page
  • click on the VoIP link
  • login again (same creads)
  • click on "Service"
  • click on "Dialplan"
  • If the Admin wants to allocate a number to a specific micro-service, he first has to check if this number is already used. If so, he first has to delete the line corresponding to the number.
  • Once done, click on the “clone” icon corresponding to the line of one of the remaining numbers allocated (or create a new one but clone is faster and avoid mistyping). A new window will be displayed:
  • change the name of the existing project name by the project name that should be connected to the line (all names should be put in capital letters)
  • click on “apply changes to server” in order for them to be taken into account. A window should appear with the following message “command successfully executed” confirming that everything is allright.

2014-12-18--1418916470977x896scrot.png

More information on http://opensips-cp.sourceforge.net/

Projects API

Emerginov integrates an API nursery to manage internal APIs (mainly SMS, click to call but could be used for any API to be exposed)

The projects API page allows the administrator to validate API subscription done by the users.

portal-admin-nursery2.png

Through this web interface the main actions for an administrator are:

  • validation of user API
  • supervision of APIs in the different projects
  • manage APIs

APIs to be validated appear in the left column (Projects with new requests).

Please note that the API shop is linked to the administration of the user. When a new user is created, the nursery profile is created at the same time.

Open Service Access (OSA) Appliance

The appliance is also linked to the API shop.

It provides the information on the current consumption of the APIs (per second, per day, per month) as well as log regarding the use of the API.

admin9.pngIt is possible to reset the counters.

PhpMyAdmin

It is used to manage the MySQL database.

see http://www.phpmyadmin.net/home_page/index.php for details.

Publish projects APIs as plateform APIs

Some projects may develop very interesting APIs and you may want to publish those APIs as platform API, i.e with protected access and subscription through the API shop.
This section will explain how to acheive this.

note:  This procedure is available since Emerginov 1.2

Enabled private restricted access to API

The first thing to do is to enabled a "private" restricted  acces to the project API to allow direct acces to this API only for the emerginov API access gateway:

  • directly connect as root the "dev" server where the project is hosted, and:
  • go to /var/www/<PROJECT-NAME>
  • in the directory where the API is located, create or edit .htaccess
    AuthType Basic
    AuthName "My Protected Area"
    AuthUserFile /var/www/<PROJECT-NAME>/<API-FOLDER>/.htpasswd
    Require valid-user
  • in the same directory execute the following command:
    htpasswd -c .htpasswd <PRIVATE-USER> <PRIVATE-PASSWORD>

note: once done, access to the API with the previous URL (http://projects.<YOUR-EMERGINOV-DOMAIN>/<PROJECT-NAME>/<API-FOLDER> will trigger a basic authentication.
It's very important keep secret the credential defined upside.
For users/developers, acces to API will be done via the Emerginov API access gateway (OSA) with following step

Publish the API on API Shop

With you web browser, connect the API Shop from the admin page, and then choose "Add API" from the "APIs manager" menu

In the main section fill the following required fileds:

  • API Name
  • Description
  • Version (Minor/major)
  • Categories (Orange Add button)

add-api-main-section.png

On the "Publishing infrastructure tab", fill the following fields:

  • [Optional] Traffic quotas on service (requests per second, day and month), only if your want to limit globally the traffic on this api
  • [Optional] Indentity forwarding: it he checkbox is check, when the api is invoked, it received a HTTP Header called Public-Root-URI containing the user name of  the requestor
  • Backend connection:
    • URL: https://projects.<YOUR-EMERGINOV-DOMAIN>/<PROJECT-NAME>/<API-FOLDER>
    • Username: User defined in previous step for .htpasswd file
    • Password: Password defined in previous step for .htpasswd file

End, optionaly, on the "Mediation and controls" check the "Per consumer quota management" check box if you want to control traffic (requests per second, day and month) with specifc quotas per subscribers/consumers)

Finally, click on "Submit" button.

You're done!

Allow access form Internet

By default, Emerginov APIs are only available internaly from the platform.
But, for some of them, you may want to allow access form the internet (ex. API for Ajax).

Enabling such an access is devided in 2 point, the first one is to do only the first time you want to enable access.

Create a publication node on Internet

With you web browser, connect the API Manager from the admin page, and then choose "Add" from the "Node" menu
Fill fields of "General" tab with following values/indications:

  • Node name: HTTPS
  • Use HTTPS: checked
  • Local IP: poublic.emerginov.localnet
  • Port: 443
  • Server FQDN: api.<YOUR-EMERGINOV-DOMAIN>
  • Use basic authentication: checked
  • Use cookie authentication: checked

Cleck on "Save", you're done.

Allow or deny access from internet for an API

note: We strongly recommend you to don't change those settings for standard Emerginov APIs (I.E not initialy published by your self) to avoid to create big security holes in the plateform (ex.: Enabling internet access for platform admin web services)

By default, APIs publihed in the previous step on the API shop are available on the "internet" node (i.e. form intenernet)
For the URL, check the url defined for the API in API Shop

  • APIs Manager/APIs List menu
  • Click on your API
  • Go to "Publishing infrastructure" tag

URL is the same av the one defined for "Internal Endpoint" except the prefix with is https://api.<YOUR-EMERGINOV-DOMAIN> instead of http://api.emerginov.localnet:81

But optionaly you may want to deny access from the internet for some APis
To do this:

  • With your web browser, connect the API Manager from the admin page
  • Choose Services/List menu
  • Click on the edit button in form of your API edit-api-osa.png
  • Go to "Nodes" tab
  • Uncheck "Available on all active nodes"checkbox
  • In the list box (multiple) select wished publication nodes:
     HTTP: the API is available internaly from the emergionov platform
    • HTTPS: the API is available from internet
  • Click on "save" button
Tags:
Created by stephane lauriere on 2012/10/29 12:19

Partners

Orange

VOICES

EU - FP7

OW2

© Emerginov
Site maintained by OW2