-
Notifications
You must be signed in to change notification settings - Fork 13
modSIC Setup
By default, modSIC only accepts HTTP connections over port 1024.
To configure the service's IP address (or host name) and select which port it will run on, edit the modsicsrv.exe.config file in the <installation directory>\modSIC Service folder.
Next, go to configuration>system.serviceModel>services>service>host>baseAddresses and modify the following: <add baseAddress="<pathtoservice>"/>. See below for the default HTTP configuration:
<system.serviceModel>
<services>
<service name="Modulo.Collect.Service.CollectService" behaviorConfiguration="CollectorServerBehavior">
<host>
<baseAddresses>
<add baseAddress="http://localhost:1000/CollectService"/>
</baseAddresses>
</host>
<endpoint bindingConfiguration="CollectorServiceWsHttpBinding" binding="wsHttpBinding" contract="Modulo.Collect.Service.Contract.ICollectService"/>
<endpoint name="mexHttpBinding" contract="IMetadataExchange" binding="mexHttpBinding" address="http://localhost:1000/CollectService/mex"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CollectorServerBehavior">
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpGetEnabled="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="CollectorServiceWsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="None"/>
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647"/>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>===
To use SSL, the system administrator needs to register a certificate on the correct port (port 8443 is used in this example).
Open Command Prompt and enter the following command (replacing CERTIFICATE_THUMBPRINT with the modSIC certificate thumbprint):
netsh http add sslcert ipport=0.0.0.0:8443 certhash=[CERTIFICATE_THUMBPRINT] appid={1f465736-118b-443a-a931-25c0ddde417c}
To use an HTTPS connection instead of HTTP, replace the entire <system.serviceModel> session from your app.config file with:
<system.serviceModel>
<services>
<service name="Modulo.Collect.Service.CollectService" behaviorConfiguration="CollectorServerBehavior">
<host>
<baseAddresses>
<add baseAddress="https://localhost:8443/CollectService"/>
</baseAddresses>
</host>
<endpoint address="" bindingConfiguration="CollectorServiceWsHttpBinding" binding="wsHttpBinding" contract="Modulo.Collect.Service.Contract.ICollectService"/>
<endpoint name="mexHttpBinding" contract="IMetadataExchange" binding="mexHttpsBinding" address="https://localhost:8443/CollectService/mex"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="CollectorServerBehavior">
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceMetadata httpsGetEnabled="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<wsHttpBinding>
<binding name="CollectorServiceWsHttpBinding" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Transport">
<transport clientCredentialType="None">
</transport>
</security>
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647"/>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceModel>These lines are already in the app.conf file. Simply comment the HTTP <system.serviceModel> session and uncomment the HTTPS session.
Next, restart the service for the changes to take effect.
===
The default username and password for modSIC are admin/Pa$$w@rd. The password is stored as a hash in app.conf. The UsersSectionBuilder utility can add, remove, and change passwords in this file. Users can also generate a new username/password pair and insert them manually in app.conf.
USAGE:
UsersSectionBuilder username password
Shows XML element to add manually to app.config
UsersSectionBuilder username password <app-config-file-path>
Adds a username/password to app.config
(Or changes password if username exists)
UsersSectionBuilder username /DEL <app-config-file-path>
Deletes username from app.config
For example, below is the output of the command UserSectionBuilder jcastro 12345:
<configuration>
...
<UsersSection>
<users>
<add name="jcastro" hash="FF2A274CB51C291BE9772E0DCF3C985D617402DF"/>
</users>
</UsersSection>
...
</configuration>Copy the above text and replace the default UsersSection section in the modSIC configuration file.
Alternatively, if you want to keep the existing username, simply copy the line beginning with '<add name...' and add it under the existing one.
===
ModSIC uses RavenDB to store assessment requests and results.
By default, the web interface of embedded RavenDB is disabled.
RavenDB and modSIC work without requiring the web interface. For an accurate debug operation, it can be enabled in app.conf in the section under <installation directory>\CollectorServerConsole.
Under configuration>ServiceConfigurationSection, change the value of ravendb webUIEnabled to true.
<configuration>
...
<ServiceConfigurationSection>
<ravendb webUIEnabled="true" webUIPort="9090"/>
</ServiceConfigurationSection>
...
</configuration>
Don't forget to select a value for webUIPort even if ravendb webUIEnabled="false".
Restart the service for the changes to take effect.
===
ModSIC uses NLog to register Log events of its service's execution.
By default, the modSIC Service Log Level is Error at the file <installation directory>\modSIC Service\NLog.config
Each log message has associated log level, which identifies how important/detailed the message is. NLog can route log messages based primarily on their logger name and log level. NLog supports the following log levels:
- Trace - very detailed logs, which may include high-volume information such as protocol payloads. This log level is typically only enabled during development
- Debug - debugging information, less detailed than trace, typically not enabled in production environment.
- Info - information messages, which are normally enabled in production environment
- Warn - warning messages, typically for non-critical issues, which can be recovered or which are temporary failures
- Error - error messages
- Fatal - very serious errors
You can set those parameters at <installation directory>\modSIC Service\NLog.config, changing the minlevel attribute:
...
<targets>
<target xsi:type="AsyncWrapper" name="AsyncLog">
<target xsi:type="OutputDebugString">
<layout xsi:type="SimpleLayout"/>
</target>
</target>
<target name="ColoredConsole" xsi:type="ColoredConsole" />
<target name="File" xsi:type="File" fileName="f1.log" />
</targets>
<rules>
<logger name="*" minlevel="error" writeTo="File"/>
</rules>
</nlog>Restart the service for the changes to take effect.
===