Backing up and restoring the Jazz Authorization Server configuration

Edit online

Backing up the Jazz Authorization Server requires backing up the server configuration files and backing up the client registration database.

Backing up the Jazz Authorization Server configuration files

Edit online
To back up the server configuration files, back up all the files in the following directory:
JazzAuthServer/wlp/usr/servers/jazzop
Note: Be sure to back up the files in that directory only, not the entire directory tree.

Backing up the client registration database

Edit online
There are two ways to back up the client registration database:
  • Backing up the entire Derby database preserves all the original information. An advantage to using this backup method is that if you later restore the database, you do not need to make any configuration changes in the Jazz applications. However, backing up the database requires that you shut down the Jazz Authorization Server and all Jazz application servers.
  • Saving a copy of the client registrations to a file can be completed while the servers are running. However, to preserve security, this backup method does not record the secrets that were assigned to the applications. If you restore client registrations from the backup file, new secrets are generated. Before the Jazz applications will function, you must configure them with the new secrets.

Choose the backup method that is best for your deployment configuration and needs.

Backing up the Derby database directory that is used for client registrations

To back up the Derby database directory that is used for client registrations, complete the following steps.

  1. Shut down the Jazz Authorization Server.
    Note: Shutting down the server disrupts the use of any Jazz applications that are configured to use the server. Therefore, it is best to shut down these applications as well. If the applications are periodically shut down for backup, consider timing the Jazz Authorization Server backup as part of this shutdown.
  2. Back up the JazzAuthServer/derby/asDB directory.
  3. Restart the Jazz Authorization Server and any other Jazz servers that you shut down.

Saving a copy of the client registrations to a file

To save a copy of the client registrations to a file, complete the following steps.
  1. Open a command line and change to the JazzAuthServer/cli directory.
  2. Run the following command: 
    lsclient -u username:password> fileLocation
    where
    • username and password are the administrator credentials for the Jazz Authorization Server.
    • fileLocation is the fully qualified path and file name to create and save.

Restoring a backup of the Jazz Authorization Server configuration

Edit online

To restore a backup of the server configuration, you might first need to uninstall and reinstall the server, for example, if the installation was damaged. Then, complete the following steps.

  1. Restore the configuration files that you backed up in Backing up the Jazz Authorization Server configuration files.
  2. Restore the client registration database that you backed up in Backing up the client registration database.
    • If you backed up the Derby database, restore the backup to the JazzAuthServer/derby/asDB directory.
    • If you saved the client registrations to a file, complete the following steps.
      1. Edit the file that you created in Saving a copy of the client registrations to a file. Each entry contains a line similar to this example:
        "client_secret":*

        Replace the asterisk (*) with a string to use as the new application secret. You can make up this value. Then, save the file.

      2. For each application that has a teamserver.properties file in its JazzInstallDir/server/conf/applicationContext configuration directory, complete the next steps.
        1. Open this file in a text editor.
        2. Find the line that starts with the following string:
          com.ibm.team.repository.servlet.sso_clientSecret=
        3. Change the value to the new value that you set for the application in step a to specify the new secret. For example,
          com.ibm.team.repository.servlet.sso_clientSecret="newClientSecret#12"
          Tip: While the original value might be enclosed in square brackets ([ and ]), do not enclose the new value in square brackets.
      3. For the Lifecycle Query Engine and Link Index Provider applications, edit the lqe.properties file in each application's configuration directory, JazzInstallDir/server/conf/lqe and JazzInstallDir/server/conf/ldx. Set the lqe.configMode property value to true. For example,
        lqe.configMode="true"
      4. For the Jazz Report Builder application, edit the app.properties file in its JazzInstallDir/server/conf/rs configuration directory. Change the value of thejsa.client.secret property to the new value that you set for the application in step a.
      5. Open a command line and change to the JazzAuthServer/cli directory.
      6. Run the following command:
        ldclient -u username:password -c fileLocation
        where
        • username and password are the administrator credentials for the Jazz Authorization Server.
      7. Start the Jazz application servers.
      8. If the Lifecycle Query Engine or Link Index Provider applications are registered with the Jazz Team Server, unregister and then re-register them. This step notifies the applications that their secrets are updated.