The WebConfigurator (WCF) provides extensive configuration methods for LUCS directly from within the browser. This component itself is optional, but can be installed alongside the LUCS Configurator app on the server machine, providing access to nearly identical features and options. Calling the URL of the server instance, followed by the port specified during installation, will open the WebConfigurator directly in-browser. 

(lightbulb) The WebConfigurator has nearly the same features as the LUCS Configurator but uses a different UI approach. The underlying configuration changes done with both tools are the same.

WebConfigurator Sidepanel

Installation

  1. Run the LUCS.WebConfigurator.Setup.msi. Provide the following settings:

    The LUCS front end installation wizard settings are explained in the table below:


    Field

    Description

    Instance NameEnter the server instance name


    The setting is stored in "C:\Program Files\Luware AG\LUCS-WebConfigurator\AppSettings.config" as

    <add key="InstanzName" value="yourservername"/>

    Port Number

    Enter the server port number.

    The setting is stored in "C:\Program Files\Luware AG\LUCS-WebConfigurator\AppSettings.config" as

    <add key="PortNumberToAdd" value="4000"/>

    Site Port NumberEnter the site port number. The default port number 88 is recommended for http and 443 for https. The used site port number should be not used by other sites


    The setting is stored in IIS.

    Security ProtocolChoose the security protocol between http and https


    The setting is stored in IIS.

    System Administrator GroupEnter the Distinguished name value of the System Administrator Group from Active Directory


    In the following format without spaces:

    CN=GroupName,OU=OrganizationalUnitName,OU=OrganizationalUnitName, DC=DomainComponent,DC=DomainComponent


    The setting is stored in "C:\Program Files\Luware AG\LUCS-WebConfigurator\AppSettings.config" as follows:

    <add key="SystemAdministratorGroup" value="CN=LucsFEAdmin_carmine,OU=carmine,OU=Development,DC=dev,DC=local"/>

    (warning) The System Administrator Group can override LUCS internal RBAC rights

    User DomainIf the ‘User Domain’ field is empty:
    1. If user enters his login on Webconfigurator without domain,
      → the system uses the domain, where Webconfigurator is installed.
    2. If user enters his login on on Webconfigurator  including a domain
      → the system uses the entered by the user domain.


    If the ‘User Domain’ field is provided:

    1. If user enters his login on Webconfigurator without domain,
      → the system uses the domain from the ‘User Domain’ field.
    2. If user enters his login on on Webconfigurator  including a domain
      → the system uses the entered by the user domain.


    The setting is stored in "C:\Program Files\Luware AG\LUCS-WebConfigurator\AppSettings.config" as follows:

    <add key=‘UserDomain’ value=‘dev.local’/>

    Default SIP domain

    Specify the SIP domain under which your users will communicate with each other.


    The setting is stored in "C:\Program Files\Luware AG\LUCS-WebConfigurator\AppSettings.config" as follows:

    <add key="DefaultSipDomain" value="dev.luware.com"/>

    Disable Windows AuthenticationIf the check box is ‘true’,  windows credentials are not applied automatically and user will be redirected to Login page.


    By default is set to ‘false’.

    Configure Certificate Security

    If the check box is ‘true’  the certificate settings has to be defined during the installation:

    – server settings specify which settings other services will use while connecting to FE and FE Core

    – client settings specify which settings FE and FE Core will use while connecting to PS

    (info) Note: The system reports all errors related to  connection or certificate issues to a log file ‘C:\Program Files\Luware AG\LUCS-ICH\log\connectionIssues.log’.

Configure Certificate during Installation

One of the requirements for building service-oriented system is to protect the transmitted data. To guarantee the safety of this data, Luware products provide the possibility to use certificate-based encryption and verification during the communication between a client and a server. The client identifies itself with this certificate. The service accesses the server to confirm the authenticity of the certificate - and in extension -  the client. 

Certificate Setup during Installation

The certificate security can be configured during installation of Luware components and services. There are two sets of settings that can be configured:

  • Server settings: The server settings specify which settings the service will use to validate other services when they try to reach this service.
  • Client settings: The client settings specify which settings the service will use while connecting to other services.

To configure certificate security select 'Configure Certificate Security' flag during installation:

Upon clicking 'Next' button with this flag enabled you will be presented an extra step to configure options:

Control Name

Required?

Description

Mode

No

  • None : No security is applied during the communication between a server and a client.
  • Transport: Enables security of communication between a client and a service via network protocol. Guarantees confidentiality and integrity of messages at transport level, since transport security secures the entire communication channel.

Validation Mode

No

  • None: No validation is performed.
  • ChainTrust: : In this mode WCF simply validates the certificate against the issuer of a certificate known as a root authority (the expiration time is checked, too).
  • PeerTrust: In this mode WCF simply checks if the incoming certificate is installed in the Local machinePersonal  folder in the certificate store (the expiration time is checked, too).
  • PeerOrChainTrust: Mixed mode.

Is Dedicated

No

  • False: Encryption is done with default certificate. It means that certificate with the hostname of the machine from the Personal Store is used on the server side.
  • True: Encryption is done with a dedicated certificate. It means there is a possibility to configure an identifier (thumbprint) of the certificate.

Thumbprint

No

A certificate thumbprint is a hexadecimal string that uniquely identifies a certificate. A thumbprint is calculated from the content of the certificate using a thumbprint algorithm.

→ This is to be generated via Microsoft Management Console. Read more about it on the "Retrieve Thumbprint of a Certificate" page from Microsoft.

Important Notes

When copied from the source the thumbprint is unicode encoded but you need it in plain ASCII → Notepad++ or any equivalent editor is a great help to convert it.

(tick) Don't forget to set up permissions for the certificate private key so that the service account can access it.

Configurition of Certificate Security using config file

After services were installed , certificate security can be configured in configuration file of the service:

  1. Open the folder where the service is installed.
    Default: C:\Program Files\Luware AG\LUCS-WebConfigurator
  2. Find config file (LuwareSecurity.config) and open it.
  3. Find <luwareSecurity> section and edit it.

Certificate Security settings in config file