Backing up and restoring the Jazz Authorization Server configuration
Backing up the Jazz Authorization Server requires backing up the server configuration files and backing up the client registration database.
Backing up the Jazz Authorization Server configuration files
To back up the server configuration files, back up all the files
in the following directory:
JazzAuthServer/wlp/usr/servers/jazzop
Note: Be sure to back up the files in that directory only, not
the entire directory tree.
Backing up the client registration database
There are two ways to back up the client registration database:
- Backing up the entire Derby database preserves all the original information. An advantage to using this backup method is that if you later restore the database, you do not need to make any configuration changes in the Jazz applications. However, backing up the database requires that you shut down the Jazz Authorization Server and all Jazz application servers.
- Saving a copy of the client registrations to a file can be completed while the servers are running. However, to preserve security, this backup method does not record the secrets that were assigned to the applications. If you restore client registrations from the backup file, new secrets are generated. Before the Jazz applications will function, you must configure them with the new secrets.
Choose the backup method that is best for your deployment configuration and needs.
Backing up the Derby database directory that is used for client registrations
To back up the Derby database directory that is used for client registrations, complete the following steps.
- Shut down the Jazz Authorization Server.Note: Shutting down the server disrupts the use of any Jazz applications that are configured to use the server. Therefore, it is best to shut down these applications as well. If the applications are periodically shut down for backup, consider timing the Jazz Authorization Server backup as part of this shutdown.
- Back up the JazzAuthServer/derby/asDB directory.
- Restart the Jazz Authorization Server and any other Jazz servers that you shut down.
Saving a copy of the client registrations to a file
To save a copy
of the client registrations to a file, complete the following steps.
- Open a command line and change to the JazzAuthServer/cli directory.
- Run the following command:
lsclient -u username:password> fileLocation
whereusername
andpassword
are the administrator credentials for the Jazz Authorization Server.fileLocation
is the fully qualified path and file name to create and save.
Restoring a backup of the Jazz Authorization Server configuration
To restore a backup of the server configuration, you might first need to uninstall and reinstall the server, for example, if the installation was damaged. Then, complete the following steps.
- Restore the configuration files that you backed up in Backing up the Jazz Authorization Server configuration files.
- Restore the client registration database that you backed up in Backing up the client registration database.
- If you backed up the Derby database, restore the backup to the JazzAuthServer/derby/asDB directory.
- If you saved the client registrations to a file, complete the
following steps.
- Edit the file that you created
in Saving a copy of the client registrations to a file. Each entry contains a line similar
to this example:
"client_secret":
*
Replace the asterisk (
*
) with a string to use as the new application secret. You can make up this value. Then, save the file. - For each application that has a teamserver.properties file
in its JazzInstallDir/server/conf/applicationContext configuration
directory, complete the next steps.
- Open this file in a text editor.
- Find the line that starts with the following string:
com.ibm.team.repository.servlet.sso_clientSecret=
- Change the value to the new value that you set for the application
in step a to specify the new secret. For example,
com.ibm.team.repository.servlet.sso_clientSecret="newClientSecret#12"
Tip: While the original value might be enclosed in square brackets ([
and]
), do not enclose the new value in square brackets.
- For the Lifecycle Query Engine and Link Index Provider applications, edit the
lqe.properties file in each application's configuration directory,
JazzInstallDir/server/conf/lqe and
JazzInstallDir/server/conf/ldx. Set the
lqe.configMode
property value totrue
. For example,lqe.configMode="true"
- For the Jazz Report Builder application, edit the app.properties file
in its JazzInstallDir/server/conf/rs configuration
directory. Change the value of the
jsa.client.secret
property to the new value that you set for the application in step a. - Open a command line and change to the JazzAuthServer/cli directory.
- Run the following command:
ldclient -u username:password -c fileLocation
whereusername
andpassword
are the administrator credentials for the Jazz Authorization Server.
fileLocation
is the fully qualified path and file name that you saved in Backing up the client registration database and then edited in step a.
- Start the Jazz application servers.
- If the Lifecycle Query Engine or Link Index Provider applications are registered with the Jazz Team Server, unregister and then re-register them. This step notifies the applications that their secrets are updated.
- Edit the file that you created
in Saving a copy of the client registrations to a file. Each entry contains a line similar
to this example: