- Previous: OffRamp Prerequisites and Setup
- Up: Private Messaging APIs
- Next: Available Message Types
IP OnRamp Service Configuration
The GMC SOA Team prefers to install the OnRamp for Global Partners (GP).
This document contains instructions for an GP to install and configure an OnRamp (previously referred to as an "OffRamp") service on a Windows 2008 Server. This OnRamp will receive messages sent from Compass to the GP through the GMC Messaging system.
Note: All references in this document and screenshots to "OffRamp" are synonymous with "OnRamp.">
You will need a test OnRamp to interface with the new GP Test Environment and a separate one for Production. Items highlighted in Yellow are examples, you may substitute them with your desired names.
We prefer you (the GP) give a person on the GMC SOA Team remote admin access to the server you want to the GP OnRamp installed on, and they will do it for you per to following steps:
Or we will send you an installer package and work with you to get it installed.
Here are the steps to get started:
- GP to create a ticket in Service Now, asking for help setting up an GP Test OnRamp Service.
- GMC SOA Team to create a ticket for the Compass Team, to assist in the setting up of Compass side of testing – Allocating Children, etc.
- GP to determine and provide the URL for their OnRamp to the GMC SOA Team.
- GP to provide the certificate to be used for SSL communication to the GMC SOA Team. For example: if you have an SSL certificate for “services.compassion.xx” you may choose a URL for GP Test as “https://services.compassion.xx/IPTestOnRamp/OnRampService.svc”.
- GP creates a new local, private, transactional MSMQ queue called “iptestqueue.” GP has freedom to name this whatever they wish.
Install OnRamp
- Run setup.exe from OnRamp Install package.
- Click Next.
- Click Next.
- Enter User Name (Ensure that this account has the appropriate read/write access to the queue previously created and ensure this account has read access to the certificate used for SSL) and also enter the Password for that account. Then click Next.
- Enter Application Name for your OnRamp service i.e. IPTestOnRamp. Then click Next.
- Enter or Browse to Folder Name where you want the OnRamp Service to reside, (ie.. C:\CIESB\Services\IPTestOnRamp). Then click Next.
The OnRamp will now be installed.
Edit the web.config File
Edit the web.config file for the new OnRamp service at (C:\CIESB\Services\IPTestOnRamp\web.config) and set the MessageQueueAddress to your new local queue as follows:
<add key="MessageQueueAddress" value=".\Private$\iptestqueue" />
Configure IIS
In IIS, set up an Application Pool for this OnRamp in order to define the service account under which the OnRamp will run by adding an application called IPTestOnRamp – so that the resulting url to the service will be your URL like “https://services.compassion.xx/IPTestOnRamp/OnRampService.svc”.
When done you should be able to browse to this URL.If not here are some troubleshooting tips:
- Can you browse to https://localhost , and then https://localhost/iptestofframp/OffRampService.svc?
- If not is binding for certificate set for port 443 - >netsh http show sslcert?
Configure URL
Configure this new URL as an application in ADFS per instructions below. The binding configuration for the service requires a ws-federation binding which is secured through a Secure Token Service (STS). We currently use Active Directory Federation Services (ADFS) as the STS, which supplies the SAML Token necessary to ensure that the caller is authenticated through Compassion’s Active Directory. The CornerstoneConnect Team will need to work with you to configure the OnRamp service in a trust relationship before it can be put into service.
Server Preparation
- Install Windows identity Foundation run time and SDK on your server.
http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=17331
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=4451 - Check DNS for “adfs.ci.org”
Make sure adfs.ci.org maps to the GMC’s ADFS server by making sure you can browse to https://adfs.ci.org/federationMetadata/2007-06/federationMetadata.xml
Modify Service Configuration on Client Server
Since this is for a GP (i.e. your server) use web.config of C:\CIESB\Services\IPTest
- In web.config add address to service endpoint
Example: <endpoint address="https://services.compassion.xx/IPTestOnRamp/OnRampService.svc" binding="ws2007FederationHttpBinding" contract="IOffRampService" bindingConfiguration="IOnRampService_ws2007FederationHttpBinding" /> - Open “FEDUtil” at C:\Program Files (x86)\Windows Identity Foundation SDK\v4.0
- Set Application configuration location as C:\CIESB\Services\IPTest\web.config and application URI as https://services.compassion.xx/IPTestOnRamp/OnRampService.svc, then click Next.
- Click Next.
- On Service Token Service page, Select “Use an existing STS”. Input location as https://adfs.ci.org/federationMetadata/2007-06/federationMetadata.xml. Then click Next.
- Select “Enable encryption” option on “Security token encryption” page, and “Select an existing certificate from store”. Click on “Select Certificate” and select your certificate. Then click Next.
- Click Next on "Offered claims" page.
- Click Finish on the "Summary" page.
Modify the Configuration
Modify the configuration file accordingly per instructions below.
- Since this is for GP (i.e. your server), using the web.config of C:\CIESB\Services\IPTestOnRamp – remove/comment out address in the service endpoint address towards top of file.
Example: <!--<endpoint address="https://services.compassion.xx/IPTestOnRamp/OnRampService.svc" binding="ws2007FederationHttpBinding" contract="IOffRampService" bindingConfiguration="IOnRampService_ws2007FederationHttpBinding" />--> - Change security mode.
Example: - <ws2007FederationHttpBinding>
<binding name="IOnRampService_ws2007FederationHttpBinding">
<security mode="TransportWithMessageCredential"> - Change behavior to httpsGetEnabled
Example: - <serviceBehaviors>
<behavior>
<serviceMetadata httpsGetEnabled="true" /> - Save the web.config
- Make sure you can browse to your URL.
Example: https://services.compassion.xx/IPTestOnRamp/OnRampService.svc - Send copy of the newly created FederationMetadata.xml file at C:\CIESB\Services\IPTestOnRamp\FederationMetadata\2007-06\ to your contact at the GMC so they can have the Relying Party Trust setup within ADFS for your OnRamp at the GMC.
After testing is successful in the GP test environment, you can repeat steps in this document to configure your production environment by using your desired production name where IPTest is referenced.
- Previous: OffRamp Prerequisites and Setup
- Up: Private Messaging APIs
- Next: Available Message Types
Docs Navigation
- Compassion API Library
- Standards Documents
- Legacy APIs (Deprecating)
- Web Services Handshake (Legacy) - Notification and Command Messages
- Public API
- Private IPG APIs
- Private REST Services
- REST Get CDSP Implementor V1
- REST Get Child Case Study V1
- REST Get Child Exit Details V1
- REST Get Child Image V1
- REST Get Child Information V1
- REST Get Community V1
- REST Get Country V1
- REST Get CSP Implementor V1
- REST Get Local Church Partner V1
- REST Get Program Implementor V1
- REST Get Project Age Groups V1
- REST Get Child Image V1 - 2015/03
- Private Messaging APIs
- Quick Start Guide
- OffRamp Prerequisites and Setup
- IP OnRamp Service Configuration
- Available Message Types
- Message and Service Relationships
- Troubleshooting
- General Error Messages from Compass Party Host
- EsdMessageErrorMOE Sample
- Sample REST End-To-End Test Plan
- SOAP Wrapper Sample for Messages to GMC
- Allocate Child Message
- Cancel Commitment Message
- Commitment Canceled Message
- Commitment Created Message
- Constituent Created Message
- Constituent Updated Message
- Constituent Upserted Message
- Create Commitment Message
- Create Constituent Message
- Create Email Message
- Create Gift Message
- Deallocate Child Message
- Depart Child Message
- Email Created Message
- Email Updated Message
- Gift Created Message
- Update Child Message
- Update Constituent Message
- Update Email Message
- Upsert Constituent Message
- Update Project Message
- Private SOAP Services
- SOAP Get Child Exit Detail 201211
- SOAP Get Child Exit Detail 201310
- SOAP Get CDSP Implementor 201309
- SOAP Get Child Image 201211
- SOAP Get Child Case Study 201310
- SOAP Get Child Case Study 201412
- SOAP Get Child Information 201211
- SOAP Get Child Information 201310
- SOAP Get Community 201309
- SOAP Get Country Information 201104
- SOAP Get Local Church Partner 201309
- SOAP Get Program Implementor 201303
- SOAP Get Program Implementor 201309
- SOAP Get Project Age Group 201309
- Service Overview
- SOAP Get CSP Implementor 201309
- SOAP Get Child Image 201503
- Private USA APIs
- Private USA Web APIs
- private cornerstone connect messaging
- private cornerstone test
- public api
0 Comments
New comments are not being accepted at this time.