PingAuthorize

Deploying the PingAuthorize admin console

To administer multiple servers from a single PingAuthorize admin console instance, you can use Docker or a Java application server, such as Tomcat or Jetty, to run the admin console as a standalone instance.

Running the admin console as a standalone instance also allows you to make changes to the admin console without restarting the server’s HTTPS connection handlers.

Environment variables

You can change the value of any configuration property in the admin console’s application.yml file by setting an environment variable. Learn more in Using Environment Variables in the Spring Boot documentation.

For example, to set the system.readOnly property to true, which puts the admin console into read-only mode, include the following argument for a Docker deployment:

--env SYSTEM_READ_ONLY=true

Alternatively, you can run the following command for either Tomcat or Docker deployments:

export SYSTEM_READ_ONLY=true

Application base path

By default, the PingAuthorize Server hosts the admin console at the /console endpoint. To change this path, update the base-context-path property by updating the admin console’s web application extension.

If you host the admin console on a Tomcat server, you can deploy the resource/admin-console.war file to serve the admin console at the /admin-console endpoint. You can change the admin console endpoint by updating the .war file name.

Using Docker to run a standalone admin console

The admin console is available as a standalone Docker image on Docker Hub.

Steps

  1. To connect to a server deployed with Docker, run the admin console image in a local Docker deployment.

    The network you use must match the server container’s network.

  2. To access the admin console, go to https://<hostname>:<port>/console and enter the following credentials:

    • Server: <PingAuthorize-container-name>:<LDAPS-port>

    • Username: administrator

    • Password: 2FederateM0re

Setting up the admin console on a Tomcat server

To set up a standalone admin console on a Tomcat server, you need the .war file from the PingAuthorize Server’s resource/admin-console.zip archive.

You can use the .war file with Java application servers, such as Tomcat or Jetty. The following steps use Tomcat as the server environment.

Steps

  1. Download the Tomcat 11 .zip archive from the Apache Tomcat downloads page.

  2. Extract the .zip archive.

  3. To set up the Tomcat server, follow the instructions in the RUNNING.txt file from the extracted directory.

  4. Copy the .war file into the webapps folder in the Tomcat root directory.

  5. To start the Tomcat server, run startup.sh from the bin folder of the Tomcat root directory.

    Result:

    Tomcat automatically extracts the admin console from the compressed .war file into an exploded application directory and starts running it.

  6. Set a specific location for the console’s log output by updating the value of log.file in the admin console’s application.yml file.

  7. To access the admin console, add the name of the .war file to the end of the Tomcat server’s path.

    For example, if the Tomcat server is deployed on localhost:8080, and the .war file is named admin-console.war, the path to the admin console is localhost:8080/admin-console.

  8. (Optional) To change the name displayed by the admin console, edit the branding.appName configuration property in the console’s application.yml file.