QPR Knowledge Base 2012.1

Configuration

Configuration

Previous topic Next topic  

Configuration

Previous topic Next topic  

QPR Web Services Foundation is accessed using the QPR Web Services Server, which requires the following configuration to run properly:

 

Microsoft .NET Framework 4.0 present on the machine

Access to QPR.WAS.Core.dll and relevant product plugins in ..\Web Application Server folder relative to the WebServices installation folder.

Rights to modify files under <path to All Users profile>\Application Data\QPR Software\QPR 2012\QPR 2012.1 (C:\ProgramData\QPR Software\QPR 2012\QPR 2012.1 in Windows Vista and later versions.)

If QPR Web Services Server is installed on a different computer than QPR Web Application Server, also the QPR Web Services Server computer needs to be configured to use the same script location as the QPR Web Application Server computer.

 

 

Testing the Configuration

 

The QPR Web Services Server installation installs also a test utility with which you can determine that your environment is properly configured for the service. The utility is called servicetester.aspx and its URL depends on the authentication/encryption settings. See the Accessing QPR Web Services Server section for the correct URL.

 

 

Using SSL with QPR Web Services Server

 

A secure connection to QPR Web Services Server requires that the site hosting qpr.isapi.dll is set to use https.

 

 

Authentication

 

By default QPR Web Services Foundation uses regular authentication by authentication methods enabled in QPR Configuration Manager. However, if you wish to use Integrated Windows Authentication (IWA), the following additional steps are needed:

Configure the Portal virtual directory under the QPR2012 application to use IWA and allow full access to MainService.svc file.

Make sure that IWACGIBinaryIP setting in the [WAS Settings] section of QPR_Servers.ini is set to 127.0.0.1.

Make the following modifications in the <QPR servers installation root>\WebServices folder:

oRename the Web.config file to some other name

oRename the Web.config.IWA file to Web.config

 

 

Accessing QPR Web Services Server

 

The URL for QPR Web Services Server depends on your authentication and encryption settings. See the listing below for more information. The URL listed in the table is the base URL, so append servicetester.aspx or MainService.svc to the URL depending on the intended use.

 

Basic scenario, QPR authentication without SSL: http://<hostname>/QPR2012/Portal/qpr.isapi.dll/wsforward/

Integrated Windows Authentication (IWA), no SSL: http://<hostname>:9002/QPR2012/Portal/qpr.isapi.dll/wsforward/ (note the changed port)

IWA and SSL: This combination requires using two instances of qpr.isapi.dll, one for basic IWA scenario (see above) and other for IWA+SSL. For IWA+SSL, duplicate the contents of the qpr.isapi.dll installation folder create a new IIS virtual directory (e.g. wsHttps, pointing at the folder you just copied) under the QPR2012 application and configure the virtual directory NOT to use Windows Authentication. Preferably it should not be able to connect to QPR WAS (this can be achieved by providing an invalid HOST_ADDR value to qprsettings.dat in the new folder). With this configuration the URLs would be as follows:

ohttps://<hostname>/QPR2012/Portal/qpr.isapi.dll/wsforward/ for webHttp and basicHttp endpoints

ohttps://<hostname>/QPR2012/wsHttps/qpr.isapi.dll/wsforward for the wsHttp endpoint

 

 

Microsoft IIS 7 & 7.5 Configuration

 

In addition to basic configuration, the following should be noted with Microsoft Internet Information Services 7 and 7.5:

Windows Authentication module needs to be installed for IIS. This can be done in Server Manager -> Roles -> Web Server (IIS) -> Add Role Services.

 

 

Troubleshooting

 

This section provides information on how to resolve common configuration issues related to running QPR Web Services Foundation.

 

Issue: Servicetester.aspx doesn't work properly and log displays lots of access denied errors

Solution #1: Give the ASPNET user rights to modify files under <path to All Users profile>\Application Data\QPR Software\QPR 2012\QPR 2012.1 (C:\ProgramData\QPR Software\QPR 2012\QPR 2012.1 in Windows Vista and later versions). In Windows Server 2008, give the rights

 

 

Issue: Servicetester does not work but redirects to the main service page. Any functionality needing QPR Web Services Foundation does not work.

Solution: Remove the following handler mappings from the QPR2012 application in IIS:

.svc

.aspx

.axd

WebResource.sxd

ScriptResource.axd

 

 

Issue: I'm using Integrated Windows Authentication and servicetester.aspx spawns endless IIS authentication dialogs and giving valid credentials does not help.

Solution: Change the IWACgiBinaryIP setting in QPR_Servers.ini to 127.0.0.1. Also make sure that you have <authentication mode="Windows"/> in your Web.config's <system.web> section. Also verify that Integrated Windows Authentication is properly configured with the following checklist:

 

- In Web.config, the following must be set:

 o <system.web> section:

     <authentication mode="Windows"/>

 o <bindings> section, <webHttpBinding>'s <binding name="Qpr_WebServices_MainService_webHttpBinding"> element:

    <security mode="TransportCredentialOnly">

      <transport clientCredentialType="Ntlm"

                 proxyCredentialType="Ntlm"

                 realm="" />

    </security>

 o <bindings> section, <basicHttpBinding>'s <binding name="Qpr_WebServices_MainService_basicHttpBinding"> element:

     <security mode="TransportCredentialOnly">

       <transport clientCredentialType="Ntlm" />

     </security>

 

- In QPR_Servers.ini, make sure that the IWACGIBinaryIP key in [WAS Settings] section points to the same network interface that is used to access WSS through the IP in qprsettings.dat.

  For example, if your IIS is in machine 192.168.0.1 and your WSS is in machine 192.168.0.2, these are the correct settings:

    o qprsettings.dat: WS_HOST_ADDR=192.168.0.2

    o QPR_Servers.ini: IWACGIBinaryIP=192.168.0.1

 

- In IIS, QPR2012/Portal directory must have Windows authentication enabled and Anonymous authentication disabled.