Products Downloads


French version


 

Important: This concerns VADELIA, SADELIA and WADELIA programs, and the compilation server only.


Access

To run the Middleware daemon, you must either:

  • Select the Middleware Daemon option from the Visual/Web runtime subfolder, in the Adelia Studio folder. It can also be accessed via the application launcher provided with the runtime, or via the list of shortcuts associated with the Adelia icons in the task bar.

  • Run the command MWDAEMON.EXE MWSERVER.
    This starts the Middleware daemon on port 910.
     

  • Start the Windows service ADELIA - MIDDLEWARE.

Note: When the product is installed the service startup is set to "Manual". You have to set it to "Automatic" if you want to use the service.

Then, if you want the service to access the network resources, follow the procedure described below:

    • In the control panel, click the Services icon.
    • Select Adelia - Middleware, then Startup.
    • In the "Log On As" section select "This Account", then enter the information relative to your user account (profile and password known to the network).

Starting the Middleware daemon lets you start the PC servers.


Command line syntax:

mwdaemon mwserver [<port>] [-o<timeout (in seconds)>] [-tls] [-cert <cert_file>] [-key <key_file>] [-allow-insecure-clients] [-principal principal] [-asuser] [-relaxedLdapCharacters "chars"]


<port>: TCP/IP port on which the Middleware daemon listens.


-o<timeout (in seconds)>: Specifies the timeout beyond which any orphan server processes (i.e. processes whose client parts are no longer responding) are terminated.

The timeout is disabled if <timeout> is set to 0. It is also disabled if the -o parameter is not specified.

The timeout is set to 0 seconds by default. The minimum value is 60 seconds.


-tls: Starting up the daemon in TLS mode. In this mode, communications among client and server programs are encrypted (TLS 1.2).


-cert <certificate_file_name>: name of file containing the certificate string for TLS encryption. The file must be in PEM format.

If the parameter is not provided, in TLS mode, the daemon will search for a file called "adelia-middleware-cert.crt" in the current search path.


-key <key_file_name>: name of the file containing the private key corresponding to the server certificate. The file must be in PEM (PRIVATE KEY) format.

If the parameter is not provided, in TLS mode, the daemon will search for a file called "adelia-middleware-key.key" in the current search path.


-allow-insecure-clients: authorizes the connection of clients in version 13.x and 14.0.0 which do not support the TLS protocol.

These clients are not authorized by default and receive a version error.


-principal principal: indicates the Kerberos principal to use for server authentication in the case of Single Sign-On (SSO). This identifier must be a service principal associated with the user starting the daemon.

By default, the daemon uses the MWDAEMON/host.domain.com principal where host.domain.com is the server's qualified DNS name.


-asuser: only in the case of user Single Sign-On (SSO), this parameter indicates that mwserver processes must be executed under the client application user's identity.

Note that this means that the daemon must be started with higher privileges: machine's system account or administrator account with special "Increase quotas" (SeIncreaseQuotaPrivilege) and "Replace a process level token" (SeAssignPrimaryTokenPrivilege) privileges. These privileges may be assigned by the local security strategy (secpol.msc, Local strategies, User permission assignment).


-relaxedLdapCharacters: in LDAP authentication mode, to prevent LDAP injection attacks, the daemon rejects usernames containing special characters that can be used in an LDAP query (characters (, ), *, &, |, !, =, >, < and ~). If this creates a problem, you can explicitly authorize all or some of these characters using the relaxedLdapCharacters parameter. To authorize all the excluded characters, add the [-relaxedLdapCharacters "()*&|!=><~"] option to the command line.


Important: if the daemon is started up with a server certificate that is self-signed or signed by a private certification authority, the server or authority certificate must be saved in the client workstation trusted certificate store.

See Middleware operating in TLS mode page for more information.


Silent mode:

mwdaemon -q mwserver [<port>] [-o<timeout (in seconds)>] [-tls] [-cert <cert_file>] [-key <key_file>] [-allow-insecure-clients] [-principal principal] [-asuser] [-relaxedLdapCharacters "chars"]


To kill a Middleware daemon:

mwdaemon -k mwserver [<port>]


To list the Middleware daemons:

mwdaemon –l


To install as a Windows Service in manual start mode:

mwdaemon -i [<external name> [<internal name> [mwserver [<port>]]]] [-tls] [-cert <cert_file>] [-key <key_file>] [-allow-insecure-clients] [-o<timeout (in seconds)>] [-principal principal] [-asuser] [-relaxedLdapCharacters "chars"] [-u <user> <password>]



<external name>: Name displayed onscreen.

<internal name>: Name of the service.

<user>: Service start profile.

<password>: password associated with the start profile.


To install as a Windows Service in automatic start mode:

mwdaemon -a [<external name> [<internal name> [<mwserver [<port>]]]] [-tls] [-cert <cert_file>] [-key <key_file>] [-allow-insecure-clients] [-o<timeout (in seconds)>]  [-principal principal] [-asuser] [-relaxedLdapCharacters "chars"] [-u <user> <password>]


To remove the Windows Service:

mwdaemon -r <external name>



↑ Top of page

  • Aucune étiquette