Skip to main content

Posts

Content Delivery Monitoring in AWS with CloudWatch

This post describes a way of monitoring a Tridion 9 combined Deployer by sending the health checks into a custom metric in CloudWatch in AWS. The same approach can also be used for other Content Delivery services. Once the metric is available in CloudWatch, we can create alarms in case the service errors out or becomes unresponsive. The overall architecture is as follows: Content Delivery service sends heartbeat (or exposes HTTP endpoint) for monitoring Monitoring Agent checks heartbeat (or HTTP health check) regularly and stores health state AWS lambda function: runs regularly reads the health state from Monitoring Agent pushes custom metrics into CloudWatch I am running the Deployer ( installation docs ) and Monitoring Agent ( installation docs ) on a t2.medium EC2 instance running CentOS on which I also installed the Systems Manager Agent (SSM Agent) ( installation docs ). In my case I have a combined Deployer that I want to monitor. This consists of an Endpoint and a
Recent posts

Create User from JavaScript Client Using CoreService

This post presents some sample code on how to create a Tridion user from JavaScript client using the CoreService. It is based on the setup presented in previous posts and it only makes use of JQuery library. The logic below is also assigning the newly created user to certain Tridion Groups identified either by TCMURI, Name or Description. This means the code will first call the CoreService to retrieve a list of groups, then identify those we need to assign the user to, then create the UserData object with all group memberships set, and then finally send the request to create the user to CoreService. The code below is to be inserted into the ServiceProxy class. The entry point is the createUser method, which takes as parameters the user account, user name, and an array of groups to assign the new user. It also takes a success and fail callback functions. The code makes use of a number of classes defined below, such as UserData , GroupMembershipData , LinkToGroupData , etc. The

JQuery JavaScript Client for CoreService

In my previous post, I presented a JavaScript CoreService client that was using the out-of-the-box Visual Studio project and a WCF generated JS proxies using the Microsoft AJAX framework. In this blog post, I write about a JQuery client for CoreService that is lighter and only depends on JQuery. I took my inspiration from Yoav's blog post  Creating a Webservice Proxy with jQuery The server part remains untouched. This means I can only focus on the JavaScript client. CoreService is secured with Basic or Federated authentication. I am focusing on Basic auth in this post, mainly because it is so simple to use from JS. The main entry point in the code is the ServiceProxy class. This is where we define the constructor and where we set the endpoint to use for CoreService and the username, password combination to use. The ServiceProxy makes use of the JQuery's $.ajax function, where it performs a POST to the CoreService endpoint, sets the payload to send, Authorization hea

JavaScript Client for CoreService

This blog post shows a way to connect to CoreService directly from a JavaScript client. The CoreService is a WCF web-service, which by default uses SOAP to communicate with its clients. However, it is quite simple to convert it into a REST service that accepts plain POST requests with parameters sent in the request body. To keep things simple, I secured the REST endpoint with Basic auth, and thus made use of the Basic Authenticator handler over an HTTPS connection. The Server The WCF framework allows us to easily expose any web-service as a REST service. For this, I had to modify the file [SDLWebHome]\webservices\Web.config , and add an endpoint behavior under node <system.serviceModel> / <behaviors> . The new behavior enables endpoint to be accessible as REST service: <endpointBehaviors> <behavior name= "MyJS" > <enableWebScript /> </behavior> </endpointBehaviors> Next, because we want to use

Workflow Listener SDL Web 8.5 with ADFS

Using the Workflow listener service with ADFS authentication is quite straight forward, if we use the Basic Authenticator. The service WFListener.asmx is not a WCF service, therefore we can't use federation security on it. Instead we need to use Basic authentication and handle the ADFS behind the scene. The Basic Authenticator module exposes a Basic authentication scheme, while communicating with the ADFS server in the background. Once a user is successfully authenticated, it creates a Thread and HttpContext security contexts, so that the following modules in the .NET request processing pipeline execute in the new security context. As such, our client can define a Basic auth security using HTTPS transport and it will be able to connect to the service. App.config The .NET Console application I use as test client uses generated service proxy classes. The configuration presented below defines the endpoint to connect to and a simple HTTPS Basic auth transport. <system.ser

TemplateBuilder and Assembly Upload Services with ADFS

Using either of the templating services (i.e. AssemblyTemplateUploadWebService.asmx and CompoundTemplateWebService.asmx ) with ADFS authentication is quite straight forward, if we use the Basic Authenticator . This one exposes a Basic authentication scheme, while communicating with the ADFS server in the background. Once a user is successfully authenticated, it creates a Thread and HttpContext security contexts, so that the following modules in the .NET request processing pipeline execute in the new security context. As such, our client can define a Basic auth security using HTTPS transport and it will be able to connect to the service. This is the same mechanism the Content Porter application is using (i.e. Basic auth). App.config The .NET Console application I use as test client uses generated service proxy classes. The configuration presented below defines the endpoint to connect to and a simple HTTPS Basic auth transport. <system.serviceModel> <bindings&g

Content Porter 8.5 with ADFS

Content Porter uses Basic auth to communicate with the ImportExport service. This means the federated security approach will not work. Luckily, we have the Basic Authenticator that exposes the ADFS authentication as a basicHttp endpoint. Using this endpoint, the authenticator creates a new security principal and sets it in the current Thread and HttpContext . As such, Content Porter works again out of the box: For the Basic Authenticator to intercept requests for the basicHttp endpoint, I defined a regular expression that is matched against the URL of the request: <add key="BasicAuthPath" value="(?i)/templating/.+\.asmx|/webservices/(core|importexport)service\d{4,6}\.svc/(streamdownload_basichttp|basichttp|script(?!/js))|/wflistener/wflistener\.asmx|/webdav|/monitoring/tridionmonitoringagent.asmx"/> The expression above matches all requests to: /templating/ folder, and files that end with .asmx extension. These are the services  Asse