Domibus v4.2.3 Admin Console Help
Admin Console GUI
Login
To login to the Administration Console, go to the console URL address.
Default location at http://localhost:8080/domibus/login (Tomcat example).
The version number of the Domibus/Administration Console is displayed at the bottom of the Login screen as shown below:
Connect to the administration console using the credentials of the administrator user (by default: user = admin; password = 123456).
After your first login with the admin credentials, you will be redirected to the Change Password page in order to change it immediately:
Note that the default password check option can be disabled in the Domibus properties.
After a successful logon or password change, the Messages page will be displayed:
Multitenancy and domain selection
In Multitenancy mode, each domain has its own set of configuration files including: Keystore, Truststore, PMode, Domain properties. Users are defined for each domain.
The super (supervisor) user has a ROLE_AP_ADMIN role with privileges to access all the available domains.
When logged as super, you are able to select a specific domain listed in a drop-down list in the upper right hand part of the admin console:
Left Sidebar Menu
The console's left sidebar menu provides a list of options available in the Administration Console, as shown below:
Hereafter, a brief description of each main menu items is given:
Messages
On this page, the administrator can see the details of the messages and re-process them if required. The administrator can also navigate through the messages history and download specific messages if needed.
Message Filter
On this page, the administrator can apply defined filters and access them individually.
Error Log
On this page, the administrator can view the list of application errors, perform searches on error messages and filter them.
PMode
On this page, the administrator can upload or download the PMde file. The administrator can also edit and modify directly the individual domain PMode.
JMS Monitoring
On this page, the administrator can monitor and manage the contents of the JMS queues.
Truststore
On this page, the administrator can upload a new truststore to replace the current one.
Users
On this page, the administrator can create and manage users including: grant access rights, change passwords, assign roles, etc.
Plugin Users
On this page, the administrator can manage the plugin users including: create, delete, edit, grant access rights, assign roles, etc.
Audit
On this page, the administrator has an overview of changes performed in the PMode, Parties, Message Filter and Users pages.
Alerts
This page displays the alerts generated by Domibus in case of unusual behaviour of the application. The alerts are configured by the administrator.
Connection Monitoring
On this page the administrator can perform basic tests of communication configurations between two access points.
Logging
Admin and Super admin users can change the Logging levels at runtime for the Domibus application.
Domibus Properties
In the Dominbus properties section of the Admininstration Console, the list of all Domibus Properties are displayed: some of the properties can be edited, others are read-only.
Logout
To logout from the Administration Console, click on the Logout button available at the top right hand corner of the screen menu:
Change password
To change your password, click on the Logout button available at the top right hand corner of the screen menu and select Change password.
Filtering
The Administration Console provides a filtering functionality. To activate the filters, click on the Advanced button at the top of the screen, to deactivate them, click on Basic:
Sorting on column
Click on any column header to sort on the the chosen column (Message Id, From Party Id, To Party Id, Message Status etc..)
By default, messages are sorted by Message Id, with the most recent message at the top.
Adaptable Columns
Show/Hide columns
The user can adapt the Administration Console screens to display or hide one or more columns.
Click on Show Columns/Hide Columns at the top right hand of the screen to see the list of available columns, then check/uncheck the boxes next to the column header names to choose which columns needs displaying or not:
Moving columns on the Administration Console screens
Columns on the Administration Console screens can be moved left hand or right hand by simply dragging-and-dropping the column header from one place to another.
Note that any changes made in the Administration Console screens are not saved if you logout or refresh the screens.
Number of displayed rows
The number of rows displayed on the Administration Console can be changed by clicking on the drop down arrow Rows menu located on the upper left hand part of the screen (default is 10):
Export tables as CSV files
Users can export the content of the Console Admin user interface table into a .csv file by clicking on the Export CSV button on the upper left hand corner of the table:
Characters input restrictions
By default the following characters cannot be used in the Domibus admin console: '\u0022(){}[];,+=%&*#<>/\\ . Note that the list can be updated in the domibus.properties files (domibus.userInput.blackList property).
Messages
By default, the Messages screen is displayed after a successful login to the Administration Console. Details of messages are displayed on the screen, such as Message ID, From Party Id, To Party Id, Message Status etc.
Use the filtering functionality described above to find a specific message.
To display details of a message, double-click on it:
Resending messages
On the Messages screen you can resend messages. Select the message and click on the Resend button located on the bottom left hand side of the screen:
You can also click on the Action arrow on the right hand side of the message line and then on Resend:
Downloading messages
Select the message and click on the Download button located on the bottom left hand side of the screen or click on the Action arrow and then on Download (as a a zip file):
Message Filter
On the Message Filter screen, you can define how messages are routed once they have been received. The available options depend on the plugins that have been installed.
The two most common ones are the WebServices plugin and the JMS plugin.
To create a new message filter, click on the New button, fill in the message filter criteria and save by clicking on the OK button:
You can also define the order in which the messages are processed if more than one plugin is installed.
Create a new message filter with a new selection criteria (as described previously) and then move it up or down as required.
Use the Move up button or up arrow on the filter entry, as shown in the image below:
Error Log
The Error Log screen lists application errors. Filters can be applied to display the errors while defining which columns should be displayed or hidden.
PMode
PMode - Current
The current different domain PModes can be viewed or modified (edit).
Save to keep or Cancel the changes as required:
Download/Upload PMode file
You can upload/download your PMode by clicking on the Upload/Download button at the bottom of the page. Then click on choose file to navigate to the location of the PMode file you want to upload/download.
PMode - Archive
The history of the PMode changes is displayed in the Archive section of the Administration console:
Domibus keeps a snapshot of the Pmode each time the PMode is modified. Under Actions, the user can delete, download or restore a particular version. When restoring a specific PMode version, the user makes that version the current PMode:
PMode - Parties
Under Parties, the user can manage the parties in the PMode. Parties can be searched using filter criteria, they can be added, updated or deleted. Each time a party is added, updated or deleted, the current PMode is updated.
Edit details
To edit a party details you can click on the Edit button from the bottom of the page or double-click on the desired row. The details page will be displayed:
Note: the Party Name should match with the public certificate alias present in the Truststore.
Attention: when you edit the Party, the corresponding entry in the Truststore will also be modified according to the certificate provided.
In order to make changes to the identifiers of the party you can select the row and click Edit or double-click it . On doing so, the following page will appear:
Importing a public certificate for a party
To import a public certificate for a party, in the Party details window, click on the Import button:
In the next window, click on Browse and select the certificate, click on OK to import the certificate details:
Scroll down to go to the Identifiers section, click on New:
Fill in the Party Id, Party Id Type and Party Id Value and click on OK to save:
Click on OK in the next screen and on Save in the PMode Parties window to save your changes. The new party information is now in your current PMode.
JMS Monitoring
In the JMS Monitoring page you can view, monitor, manage and navigate through the content of JMS queues.
All queues and their contents are viewable. You can change the default queue by clicking on the drop-down arrow, below Source:
Messages in the JMS queues can also be deleted or moved to another queue. Note that these actions take effect immediately and cannot be undone.
Delete Messages in a queue
To delete a message, select the message and click either on the BIN icon on right hand side of the message, or click on the Delete button at the bottom of the page:
Move messages from on queue to another
To move a message, select the message and click either on the Move icon on right hand side of the message, or click on the Move button at the bottom of the page:
Truststore
In the Truststore screen, you can manage the trusted certificates. You can upload a new truststore to replace the current one and define its password.
Upload New Truststore Certificates
To upload a new Truststore, click on the Upload button and navigate to the location of the file with pop up menu, enter truststore password and click on OK:
Note: when you upload a new truststore, the old one will be deleted and replaced by the new one.
Users
On the Users screen, you can create and manage users:
Export list of users
You can export the list of current users with their status into a .csv file by clicking on the Export csv button at the top of the page:
In Multitenancy mode, for super-users only, the user page contains also the drop-down for selecting the default domain of the super-user:
Add a new user
To add a new user, click on the New button at the bottom of the page, fill in the pop-up box with the required values (username, email address, password etc.) and click on the OK button:
Edit a user
To edit a user, select the user, click on the Edit button at the bottom of the page or click on the Edit icon in the Actions column. Make the necessary changes in the pop-up box (username, email address, password etc) and click on the OK button to save your changes.
Delete a user
To delete a user, click on the Delete button at the bottom of the page or select the message to be deleted and click on the Bin icon in the Actions column.
Click on the OK button to delete the user.
Account Lockout procedure:
A user account lockout policy has been implemented on Domibus Admin Console. By default, if a user tries to log to the Admin Console with a wrong password 5 times in a row, his account will be suspended (locked):
You can define in the domibus.properties file the number of failed attempts after which a user’s account will be locked.
By default, a user remains suspended during one hour before his account is automatically unlocked and the user can try to log again.
If the user wants his account to be unlocked without waiting the default one hour, he can ask his administrator to unlock the account. To unlock the account, the administrator must change the user’s status on the Admin Console from Suspended to Active.
Select the suspended user and click on Edit:
Re-activate the user (unlock it) by checking the Active status and confirm with OK:
IMPORTANT: Save the changes by clicking on Save on the next window and then on Yes to confirm the change.
Password policy
The user passwords expire after a period of time that can be configured. When it needs to be changed, there are a few rules that need to be followed when choosing a new password:
- Complexity must be met
- It cannot be the same as the last 5 passwords
Plugin Users
In Multitenancy mode the plugins security is activated by default, no matter if the value is configured in domibus.properties for the domibus.auth.unsecureLoginAllowed property.
This is needed in order to identify the request performed by the user and associate it to a specific domain. As a result, every request sent to Domibus needs to be authenticated.
A plugin must use a configured plugin user associated to a specific domain in order to authenticate every request sent to Domibus.
The management of the plugin users is done via the the Plugin Users page:
The Creation and editing of a new Plugin User is almost the same as for console users.
As you can see, we have also the means to reactivate or disable a plugin user, just like it is done for console users.
The plugin users have also default passwords, expiration period.
When changing the password, the same rules apply as in the case of console users.
Audit
Domibus keeps track of changes performed in the PMode, the Parties, the Message Filter and the Users pages. This is what is displayed on the Audit screen:
Alerts
In Domibus you can define alerts by using different available media to notify the Domibus administrator in case of unusual behaviour. Those notifications are presented to the Domibus administrator under the form of configurable alerts.
The alerts can be browsed in the Domibus Admin Console and received by email.
Three alert types are available : Message status change, authentication issues and certificate expiration.
In the column Processed, the user can check/uncheck alerts:
Connection Monitoring
The Connection Monitoring section allows communication partners to perform a basic test of the communication configuration (including security at network, transport and message layer, and reliability) in any environment, including the production environment.
All parties that are defined in the Domibus properties are listed on the Connection Monitoring page of the Administration console.
The user can activate or deactivate the monitoring feature by clicking on the Monitoring button of the desired party. Once activated, the monitoring service will send a test message on a frequency defined in the ‘domibus.monitoring.connection.cron’ property of the domibus.properties file.
The user can also activate or deactivate the monitoring of parties in the ‘domibus.monitoring.connection.party.enabled’ property of the domibus.properties file.
The user can manually trigger a test by clicking on the Arrow under Actions.
To see the details of the connection that was tested, the user can click on the magnifying glass under Actions:
Clicking on Test will launch a connection test manually and clicking on Update will refresh the connection test information.
Logging
Admin and Super admin users can change the Logging levels at runtime for the Domibus application using the Admin Console Logging menu:
The Search box allows the user to seach for a package of classes on which he wants to the logging level on.
By clicking on Reset, the user can reset all logging levels o the default values defined in logback.xml.
Remarks:
- The feature is Multitenancy agnostic, meaning any changes will apply to all Domains logging levels.
- Changing the logging levels only affects the currently running instance of Domibus and will not change or update the existing logging configuration file (logback.xml).
Domibus Properties
In the Dominbus properties section of the Admininstration Console, the list of all Domibus Properties are displayed (details on Domibus properties can be found in §5.2 - Domibus Properties). Some of the displayed properties can be edited, others are read-only.
Remark: When the Domibus server(s) is(are) restarted, the Domibus properties are reverted back and changes made via the Administration Console are lost. This feature is useful when a user wants to test a change in a Domibus property at runtime.
To change a Domibus property, the user clicks in the Property Value field and edits it (if the property is read-only, the user will not be able to edit that field). Once done, the user clicks on the Save icon to save the changes.
To revert the changes, the user can click on the Back arrow next to the Save icon: The back-arrow is only active while editing a certain field, and only restores the property to the value it had at the moment of starting editing, bot not to the initial value in the domibus.properties file.
