COMSOL Server Manual

COMSOL Server
Manual
COMSOL Server Manual
© 1998–2017 COMSOL
Protected by U.S. Patents listed on www.comsol.com/patents, and U.S. Patents 7,519,518; 7,596,474; 7,623,991;
8,457,932; 8,954,302; 9,098,106; 9,146,652; 9,372,673; and 9,454,625. Patents pending.
This Documentation and the Programs described herein are furnished under the COMSOL Software License
Agreement (www.comsol.com/comsol-license-agreement) and may be used or copied only under the terms of the
license agreement.
COMSOL, the COMSOL logo, COMSOL Multiphysics, Capture the Concept, COMSOL Desktop, LiveLink, and
COMSOL Server are either registered trademarks or trademarks of COMSOL AB. All other trademarks are the
property of their respective owners, and COMSOL AB and its subsidiaries and products are not affiliated with,
endorsed by, sponsored by, or supported by those trademark owners. For a list of such trademark owners, see
www.comsol.com/trademarks.
Version: COMSOL 5.3
Contact Information
Visit the Contact COMSOL page at www.comsol.com/contact to submit general inquiries, contact
Technical Support, or search for an address and phone number. You can also visit the Worldwide
Sales Offices page at www.comsol.com/contact/offices for address and contact information.
If you need to contact Support, an online request form is located at the COMSOL Access page at
www.comsol.com/support/case.
Other useful links include:
• Support Center: www.comsol.com/support
• Product Download: www.comsol.com/product-download
• Product Updates: www.comsol.com/support/updates
• Discussion Forum: www.comsol.com/community
• Events: www.comsol.com/events
• COMSOL Video Gallery: www.comsol.com/video
• Support Knowledge Base: www.comsol.com/support/knowledgebase
Part number: CM010010
Contents
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Installing COMSOL Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Installing COMSOL Server in Windows . . . . . . . . . . . . . . . . . . . . . . 8
Installing COMSOL Server in Linux and macOS . . . . . . . . . . . . . . 17
Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Starting COMSOL Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Starting and Running COMSOL Server Locally in Windows . . . . 19
Starting COMSOL Server as a Windows Service . . . . . . . . . . . . . . 23
Starting COMSOL Server Manually in Windows . . . . . . . . . . . . . . 23
Starting COMSOL Server in Linux . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Starting COMSOL Server in macOS . . . . . . . . . . . . . . . . . . . . . . . . 26
Logging in to COMSOL Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
COMSOL Server Administration . . . . . . . . . . . . . . . . . . . . . . . . .29
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
User Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Appearance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
COMSOL Server Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Running Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Logs of Application Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Running Applications in a Web Browser . . . . . . . . . . . . . . . . . . . . . 45
|3
Running Applications in the COMSOL Client . . . . . . . . . . . . . . . . 54
Running Applications that use LiveLink Products . . . . . . . . . . . . . . 56
Running COMSOL Server on Multiple Computers . . . . . . . . . . 58
Installing COMSOL Server on Multiple Computers . . . . . . . . . . . . 58
Starting COMSOL Server on Multiple Computers . . . . . . . . . . . . 60
Setting up a Shared Working Directory . . . . . . . . . . . . . . . . . . . . . 60
Sharing a COMSOL Server Installation . . . . . . . . . . . . . . . . . . . . . . 61
Configuring COMSOL Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Configuring a Local User Database . . . . . . . . . . . . . . . . . . . . . . . . . 63
Configuring Windows Authentication . . . . . . . . . . . . . . . . . . . . . . . 69
Configuring Active Directory or LDAP . . . . . . . . . . . . . . . . . . . . . . 70
Advanced Login Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Running COMSOL Server Behind a Reverse Proxy . . . . . . . . . . . 76
Setting Up COMSOL Server for Secure Connections . . . . . . . . . 78
Resetting the Administrator Password . . . . . . . . . . . . . . . . . . . . . . . 80
Migrating from a Previous COMSOL Server Version . . . . . . . . . . 81
4|
Introduction
With a COMSOL Server™ license, a COMSOL Multiphysics® application can be
run in major web browsers on platforms such as Windows®, macOS, iOS, Linux®,
and Android™. In the Windows® operating system, you can also run COMSOL
applications by connecting to a COMSOL Server with an easy-to-install
COMSOL® Client, available for download from www.comsol.com. COMSOL
Server does not include the Application Builder, Physics Builder, and Model
Builder tools that come with the COMSOL Desktop® environment.
A COMSOL runnable application is a COMSOL Multiphysics MPH-file that, in
addition to the model part, includes a custom user interface that you can run as a
separate application or in a web client. To create such applications, use the
Application Builder, which is included in the Windows® version of COMSOL
Multiphysics. For more information on how to build applications, refer to the
Introduction to Application Builder and Application Programming Guide.
COMSOL Multiphysics and its add-on products are used to create an application.
A license for the same add-on products is required to run the application from
COMSOL Server. Users can run up to four concurrent applications through a
single COMSOL Server license.
COMSOL Server is a multiuser service that can be run continuously on the host
computer. It can be configured to start automatically upon booting. Optionally,
COMSOL Server can be run on multiple computers to support more
simultaneous users and concurrent applications than a single computer would
support.
COMSOL Server contains administrative tools that allow you to create user
accounts and user groups. You can also create user accounts based on a preexisting
database of users on your system.
Additional resources, including video tutorials, are available online at
www.comsol.com/video.
|5
The figure below shows the COMSOL Server web interface and an application
running in a web browser.
U SERS
AND
R OLES
IN
COMSOL S ERVER
Use the COMSOL Server web interface to assign usernames and passwords and
to grant privileges. The administrator role can add and remove users as well as
stop jobs. The power user is a moderator of a set of groups and the members
therein. Those groups are selected by an administrator or created by the power
user. The user role is for running and uploading applications. The guest role is only
for running applications.
ROLE
ADD/REMOVE USERS
UPLOAD APPLICATIONS
RUN APPLICATIONS
Administrator
Yes
Yes
Yes
a
Power user
Yes
Yes
Yes
User
No
Yes
Yes
Guest
No
No
Yes
6|
a. There is a global preference setting that determines if power users are allowed to create and remove
users and groups. The power user may only remove users that are members of the power user’s
moderated groups.
There is also a group concept in COMSOL Server that you can use to manage
groups of users. Use groups to grant access to different categories of applications
that are relevant to that particular group.
COMSOL Server can maintain its own database of users and groups. You can also
configure COMSOL Server to use the login mechanism of your operating system,
such as Windows® Authentication or Lightweight Directory Access Protocol
(LDAP).
|7
Installing COMSOL Server
A COMSOL Server installation is similar to a COMSOL Multiphysics installation,
the only difference being an additional step called Server.
For detailed information on installation, license files, and license management, see
the COMSOL Multiphysics Installation Guide.
Before starting COMSOL Server you need to start a license manager. For
more information on the FlexNet® license manager, see the COMSOL
Multiphysics Installation Guide. You can download the document
from www.comsol.com/iog. The FlexNet® license manager is installed
together with COMSOL Server. A license server is not needed when
running a trial license.
The default COMSOL Server installation directory for each platform is as follows:
• Windows®: C:\Program Files\COMSOL\COMSOL53\Server
• Linux®: /usr/local/comsol53/server
• macOS: /Applications/COMSOL53/Server
For information about installing COMSOL Server for multiple computers and
sharing the installation, see Running COMSOL Server on Multiple Computers.
I n s t a l l i n g C O M S O L S e r ve r i n W i n d ow s
Start the installation by using the media that you have received or by using an
Internet download. In the COMSOL installer, after selecting your preferred
language, choose New COMSOL 5.3 Installation:
L ICENSE
In the next step, License, you are prompted for a passcode or license file.
COMSOL Server will only function with a license file (that you get from your
COMSOL representative). You can also use the Port number and Host Name
8|
option or Three-server redundancy, if your license administrator has given you
these details.
At this point, the COMSOL installer detects the type of license file used. The
following instructions assume that the license file used during installation
corresponds to a COMSOL Server license.
P RODUCTS
In the next step, Products, select the installation location and which software
products and components you want to install. Licensed COMSOL products are
|9
selected by default. There are options to include application libraries and software
components for the add-on products.
O PTIONS
In the Options step, you can choose to install Start menu shortcuts (Windows®
operating system only), install COMSOL Client, add Windows Firewall rules,
install LiveLink™ for Excel® (only available if you have licensed LiveLink™ for
Excel®)for all users, enable checking for updates after installation, and specify the
location for a MATLAB® installation (only available if you have licensed
LiveLink™ for MATLAB®). You can also select the type of installation from the
Select installation type list: Primary (the default) or Secondary. When running
COMSOL Server on multiple computers, the main server will be the primary
server and the rest will be secondary servers. If not installing COMSOL Server to
run on multiple computers, choose Primary. For information about installing
COMSOL Server for multiple computers, see Running COMSOL Server on
10 |
Multiple Computers.
L ICENSE M ANAGER
The License Manager page appears if the COMSOL Server Installer installed the
FlexNet license manager and your computer has been designated to run the
license server. If this page does not appear, you can manage the license server using
LMTOOLS. This page contains the following options:
• The Install license manager as a Windows service check box is selected by
default; if you clear the check box, the license manager will not be available
as a Windows service.
• The Path to the debug log file field contains a file path to the location of the
license manager debug log file (default: C:\comsol.log). Click Browse to
browse to and choose another file path.
• The Service name field shows the service name, LMCOMSOL, for information
only.
| 11
• Under Additional license manager options, you can select any of the following
check boxes:
- Select the Allow the lmdown command to be executed only from this computer
check box to restrict the access to the lmdown command, which you can use
to shut down the license manger, to this computer only.
- Select the Disable the lmdown command check box to make the lmdown
command unavailable.
- Select the Disable the lmremove command check box to make the lmremove
command, which you can use to remove a user’s license, unavailable.
S ERVER
The next Server step does not have any corresponding step in the COMSOL
Multiphysics installer but is unique to a COMSOL Server installation. This step
makes it possible to set up COMSOL Server as a Windows® service and enables
12 |
you to configure an initial user database. The Server page in the COMSOL
Installer includes the following settings (see the following sections):
Settings for Launching COMSOL Server
The basic setting is the Default COMSOL Server port, which is set to 2036. By
default, COMSOL Server uses a range of ports from 2036 and above.
There are two different ways to install COMSOL Server in Windows®. If you
select the Install COMSOL Server as a Windows service check box (the default), then
COMSOL Server is installed as a Windows® service. Otherwise, COMSOL Server
is installed as a regular executable. Use the Startup list to configure how to start
COMSOL Server when installed as a Windows® service. Choose Disabled, Manual,
Automatic (the default), or Automatic (Delayed Start). With the default choice of
Automatic, the installed COMSOL Server service is configured to start
automatically when the host computer boots or restarts. This setting provides the
highest availability to users of the installed server. With Automatic (Delayed Start)
the service also starts automatically but delayed until all automatic-start threads
have finished starting. If you select Manual or Disabled, the COMSOL Server
service will not be started after the installation.
| 13
In the Service account list, by default, the installer provides the predefined
LocalService service account. It is recommended that you use the LocalService
account to run COMSOL Server service if you run COMSOL server on a single
computer; it has sufficient but limited privileges intended for running local
services. Alternatively another account with limited privileges can be used. You can
choose the predefined LocalService, LocalSystem, and NetworkService accounts in
Windows®, which have no password. When using other accounts, choose Custom
and provide a username and password. Consult the documentation that came with
the operating system for information about service accounts; for Windows®, see
also “The Services and Service Accounts Security Planning Guide”
(https://www.microsoft.com/en-us/download/details.aspx?id=5543).
If you choose Manual or Disabled for the COMSOL Server service’s
Startup setting, you can enable or start the services from the command
line or by using the Manage local services shortcut installed on the Start
menu in Windows®. The same configuration options are also available in
the snap-in Services in the Microsoft Management Console (search for
services from the Windows® Control Panel).
Creating a Local Administrative User for COMSOL Server
Select the Create default local administrative user check box to create a default
username and a temporary password for an administrator account. You can use
that account to log in to the web interface after installation to perform
administrative tasks (after changing the temporary password). In addition to this
administrator, which is local to the COMSOL Server user database, you can add
administrator accounts to that user database using Windows authentication (see
below).
The user account entered here can only be used to log in to
COMSOL Server running as a Windows®service. If COMSOL
Server is not installed as a service, it will ask for a default username
and password when it is first launched.
When selected it creates:
• A local user in the file <COMSOL Server installation directory>\
bin\tomcat\conf\login.properties.
• A roles file <COMSOL Server installation directory>\
bin\tomcat\conf\roles.properties. The roles file assigns administrative
rights to the user you specify.
14 |
For the LocalService account, the home directory typically is
C:\Windows\ServiceProfiles\LocalService
If you do not create a local administrator, you cannot log in using the COMSOL
Server web interface unless at least one user is configured with Windows®
Authentication or LDAP, for Linux® and macOS, holding the administrative role.
You can also configure the administrator later by manually editing configuration
files.
Support Running COMSOL Server on Multiple Computers
For information about the settings for running COMSOL Server in multiple
computers, see Running COMSOL Server on Multiple Computers.
Using Windows Authentication
Select Use Windows authentication to use Windows® authentication in addition to
the users from the local user database and the administrator you may have chosen
to provide in the settings above. Windows® authentication is only available when
you install COMSOL Server on a computer using the Windows® operating
system. Windows® authentication adds value when you can let your users log in
with their regular domain user accounts instead of having to create custom
COMSOL Server accounts for each user.
The text fields under Windows authentication mapping for Administrators, Power
users, Users, and Guests associate Windows® groups or built-in security principals,
separated by semicolons, with COMSOL Server roles for administrators, power
users, users, and guests, respectively. The defaults are
BUILTIN\Administrators, BUILTIN\Power Users, BUILTIN\Users, and
BUILTIN\Guests, respectively, which refer to users in such Windows® groups on
the computer where you install COMSOL Server. Click the corresponding Check
Names button to verify that the group names are valid. If you type only a name
(Guests, for example), the installer finds its location and prepends it in the text
field when you click Check Names. You can only map a specific Windows® group
to a single COMSOL Server role.
You must make sure the Windows® groups you associate with the
roles exist in your Windows® installation, otherwise the mapping
for the missing groups will not be in effect until they are created.
If you leave one of the roles text fields empty, no user will be given
this role.
See Configuring COMSOL Server for more information about Windows®
authentication.
| 15
Using LDAP Authentication
LDAP configuration is required after the installation. See Configuring COMSOL
Server.
I NSTALL
The Install step lets you monitor the installation progress.
If you install COMSOL Client along with COMSOL Server, a COMSOL Client 5.3
Installer window appears where you must accept the license agreement. It is
possible to copy and paste the license agreement text if needed. You then also
select the destination folder and installation options for COMSOL Client and
finally install COMSOL Client.
16 |
F INISH
The last step Finish lets you view an installation log in the case there are warnings
or errors.
I n s t a l l i n g C O M S O L S e r ve r i n L i nu x a n d m a c O S
When installing in the Linux® and macOS operating systems the Server step
contains the setting for a default administrative user account. See Starting
COMSOL Server for more information about how to automatically launch
COMSOL Server after installation on Linux® and macOS. You can also select to
support running COMSOL Server on multiple computers (see Running
COMSOL Server on Multiple Computers.
| 17
C REATING
A
L OCAL A DMINISTRATIVE U SER
FOR
COMSOL S ERVER
Select Create a local administrative user for COMSOL Server and provide a username
and temporary password to create a default administrative account that is provided
when COMSOL Server is started as a service.
When selected the installer creates:
• A local user in the file <COMSOL Server installation directory>/
bin/tomcat/conf/login.properties.
• A roles file <COMSOL Server installation directory>/
bin/tomcat/conf/roles.properties. The roles file assigns administrative
rights to the user you specify.
If you do not create an administrator, you can start COMSOL Server as the user
you intend COMSOL Server with and manually enter the password.
For security reasons, it is not recommended to use an account with administrative
privileges to run COMSOL Server.
F i rew a l l s
By default, COMSOL Server uses a range of ports from 2036 and above. You
must open up firewalls that exist between the server and your users. Open up for
incoming TCP connections to those ports. To improve security, you may reduce
the IP address range to known potential IP addresses for your users.
18 |
Starting COMSOL Server
S t a r t i n g a n d R u n n i n g C O M S O L S e r ve r L o c a l ly i n
Windows
This section describes the steps that are necessary for starting and running
COMSOL Server locally on a Windows® computer. These instructions apply if
COMSOL Server will be used locally by a single user or if COMSOL Server will
run on a computer that is not connected to a network.
For making COMSOL Server available to other users or for running in macOS or
Linux®, see the subsequent sections.
When installing and running COMSOL Server locally according to the
instructions below, you will be running as an administrative user.
Before starting COMSOL Server you need to start a license manager. For more
information on the FlexNet® license manager and license files, see the COMSOL
Multiphysics Installation Guide. You can download that document from
www.comsol.com/iog. The FlexNet® license manager is installed together with
COMSOL Server.
From the Start Menu, select COMSOL Launchers>LMTOOLS. This starts the license
manager utility program.
In the first Service/License File page, select Configuration using Services.
This setting allows the license manager to start automatically when your computer
is rebooted.
| 19
Click the Config Services page.
In this page you specify the path to:
• The license manager executable file lmgrd.exe
• The license file license.dat
• A debug log file
The license manager executable file and the license file are located in the
installation directory. By default the locations are:
C:\Program Files\COMSOL\COMSOL53\Server\license\win64\lmgrd.exe
and
C:\Program Files\COMSOL\COMSOL53\Server\license\license.dat
respectively. Note that when browsing to the location of the license file you need
to change the filter of the file browser from the default .lic to .dat, as shown in
the figure below.
The license file is automatically copied to the license directory by the COMSOL
Server installer. In addition, if the original license file given to you by your
COMSOL representative had a different name, it will automatically be changed to
license.dat.
20 |
For the license manager to start automatically if your computer is rebooted, select
the Use Services and Start Server at Power Up check boxes.
To save your settings, click Save Service.
The next step is to start the license manager. Go to the page Start/Stop/Reread.
Click Start Server. (Server in this context refers to the license manager server
software and not COMSOL Server.) If the license manager started successfully, a
message Server Start Successful is displayed at the bottom of the window.
If the server failed to start, see the COMSOL Multiphysics Installation Guide for
more information.
The next step is to start the COMSOL Server. From the Start menu, select
COMSOL Launchers>Start COMSOL Server.
| 21
This will start COMSOL Server as a service, COMSOL Server 5.3 Service, which
you can see in the Windows® Services window. In this case, port 2036 is used. If
this port is not available, then the next available port will be used.
You can now log in to COMSOL Server from a web browser or COMSOL Client.
Assuming you are logging in from a web browser, start your web browser and type
http://localhost:2036 in the address bar.
22 |
You are now prompted for the username and password that you specified during
the installation. You can now continue reading the section Running Applications.
S ta r t i n g C O M S OL S e r ve r a s a W i n d ow s S e r v i c e
By default, COMSOL Server is installed as a Windows® service that is set to start
automatically. In this case, a link to the COMSOL Server web interface is installed
on the Start menu as COMSOL Server. See Logging in to COMSOL Server for more
information about accessing the web interface.
To manually start or stop the COMSOL Server service, or to configure if it is
started automatically, use the Manage local services shortcut installed on the Start
menu. The same configuration options are also available in the snap-in Services, in
the Microsoft Management Console (search for services from the Windows Control
Panel).
Before starting COMSOL Server you need to start a license manager. For
more information on the FlexNet® license manager, see the COMSOL
Multiphysics Installation Guide. You can download the document
from www.comsol.com/iog. The FlexNet® license manager is installed
together with COMSOL Server.
S t a r t i n g C O M S O L S e r ve r M a nu a l ly i n W i n d ow s
You can start COMSOL Server by using the shortcut installed on the Start menu
as COMSOL Server, by double-clicking the Windows® executable in a file browser,
or from the command window.
When COMSOL Server has been installed as a Windows service,
the shortcut for starting manually is not available on the Start
menu. It is not recommended to start COMSOL Server manually
when the service is running. Since the service runs under a special
system user account, it does not share its application and user
database with COMSOL Server started manually.
| 23
The COMSOL Server executable is located at:
<Installation directory>\bin\win64\comsolserver.exe
An example of a typical <Installation directory> is:
C:\Program Files\COMSOL\COMSOL53\Server\bin\win64
The figure below shows the Start menu items for COMSOL Server:
To start COMSOL Server from a command window, type
<Installation directory>\bin\win64\comsolserver.exe
For both methods of starting COMSOL Server, the command window displays a
short message that COMSOL Server has started and which port number is used.
In case the default port number 2036 is busy, subsequent port numbers are
searched until a free port number has been found (or you can set the port number
manually).
If there is no default administrative account, you are prompted for an initial
administrator when starting COMSOL Server for the first time from your current
user account. You can use the administrator account to add users with the
COMSOL Server web interface at http://localhost:2036 (assuming that port
number 2036 is free).
When additional users log in to COMSOL Server, information on which port
numbers are used is displayed in the command window.
24 |
Once started, see Logging in to COMSOL Server for how to access the COMSOL
Server web interface.
S t a r t i n g C O M S O L S e r ve r i n L i nu x
To start COMSOL Server manually, type
<Server installation>/bin/comsol server -silent -login never
If there is no default administrative account, you are prompted for an initial
administrator when starting COMSOL Server for the first time from your current
user account. You can use the administrator account to add users with the
COMSOL Server web interface at http://localhost:2036 (assuming that port
number 2036 is free).
SYSTEMD
S ERVICE
Use the following instructions to start COMSOL Server in a Linux version that
includes systemd:
Create a file /usr/lib/systemd/system/comsolserver53.service with
content similar to:
[Unit]
Description=COMSOL Server 5.3
Wants=network.target network-online.target
After=network.target network-online.target
[Service]
Type=forking
User=comsoluser
Group=comsolgroup
TimeoutSec=300
ProtectHome=off
ExecStart=/usr/local/comsol53/server/bin/comsol service
[Install]
WantedBy=multi-user.target
You only need to replace the values for User and Group. Then run:
systemctl enable /usr/lib/systemd/system/comsolserver53.service
to activate the service and
systemctl start comsolserver53
to start it.
| 25
B OOT S CRIPT
This section is applicable for older Linux versions that do not include systemd.
For COMSOL Server to start automatically at boot up, you need to add Bourne
shell commands to the appropriate boot script. You must be a superuser (root) to
edit boot scripts.
For security reasons, it is recommended that the daemons are not
started as a user with administrative privileges. Instead, use a
dedicated username to start the license manager.
Add the following text to the end of the file rc.local in the /etc directory of
your Linux® system:
FP=<Server installation>
MYUSER=username
if [ -x $FP/bin/comsol ]; then
su $MYUSER -c "umask 022; $FP/bin/comsol server -silent -login never" &
fi
Replace the installation directory with your actual installation directory, and
username with the username that you want to have to run the service.
You should not use the root user or another user with system
access. Create a special user for COMSOL Server with limited
system access.
S t a r t i n g C O M S O L S e r ve r i n m a cO S
To start COMSOL Server manually, type
<Installation directory>/bin/comsol server
If there is no default administrative account, you are prompted for an initial
administrator when starting COMSOL Server for the first time from your current
user account. You can use the administrator account to add users with the
COMSOL Server web interface on http://localhost:2036.
26 |
L og gi n g i n t o C OM S OL Se r ve r
In a web browser, go to http://localhost:2036 (if you are accessing it
remotely, use the computer name — computer name and domain, or the local IP
address — of your server instead of localhost). If the port number 2036 is taken,
then COMSOL Server will use the next available port number: 2037, 2038, and
so on. Log in to COMSOL Server with your username and password.
Press return or click Log in to COMSOL Server. If you log in for the first time, you
must also read the COMSOL Software License Agreement and click Accept to
enter the COMSOL Server web interface. A user only needs to accept the license
| 27
agreement once. If you have specified a temporary password, you must change
that temporary password to a new password.
After changing the password, you much log in again using the new password.
After five failed consecutive attempts to log in to COMSOL Server using the web
interface, you will be locked out for five minutes before you can log in again.
You can log out from COMSOL Server by clicking Log Out in the upper-right
corner of the COMSOL Server web interface.
As an alternative to logging in from a web browser, you can log in from the
COMSOL Client for Windows®. For more information see Running Applications
in the COMSOL Client.
28 |
COMSOL Server Administration
Ove r view
COMSOL Server can be managed through its web interface. Log in using an
administrator username and password. Once logged in, you have access to an
Administration section in the web interface with windows for Monitor, User
Database, Preferences, and Appearance. An administrator can also control, through
preference settings, if power users can view preferences and create users and
groups.
Users cannot access the Administration tools; guests cannot access the
Administration tools and cannot upload applications. Power users can, depending
on the preference settings, access all or parts of the Administration tools.
You can filter the applications by favorite status, application visibility (Public, All
groups, Private), or by individual groups (see Sorting and Filtering Applications).
See also Setting Up COMSOL Server for Secure Connections.
At the bottom of the web interface, you can click About COMSOL Server™ window
to view some general information about COMSOL Server. From that window,
click Licensed and Used Products to view a list of licensed products and their use.
Monitor
On the Monitor page you find information including the local IP address; OS and
architecture; the start time and uptime; and CPU and memory use. There is also
an overview of the running application sessions with the session ID; application;
user; start time, runtime, and idle time; and memory and CPU usage. Click the
column header for a session property to sort the application sessions alphabetically
based on that property. Click Close to stop a session.
In the upper-right corner, you can click Servers for monitoring server processes,
or click Sessions for monitoring application sessions.
For Servers, the Monitor page shows monitoring data for all COMSOL Server
processes (primary and secondary server processes) as well as the application server
processes running on these COMSOL Servers. The application server processes
| 29
include both processes that currently are running application sessions, as well as
application server processes that are prelaunched. An administrator or power user
can choose to either end an application server process (physically stop the process)
or, if applicable, close the application session using the process. In the latter case,
the process is freed to be reused by another application session. To do so, click the
X under End. A Close Session or End Process dialog box then opens.
Selecting the Show all processes check box enables the display of prelaunched
application processes in the list of Processes. A prelaunched application process is
used to speed up the launch of new applications and does not check out any
COMSOL Server license.
You can hide parts of the information on the Monitor page using two buttons in
the upper-right part of the page:
• Click the Hide system information button to only show CPU usage and free
memory instead of the full information under System information.
• Click the Hide processes button to hide the information under Processes.
For Sessions, the Monitor page shows monitoring data for all currently running
application sessions. The information shown here is the same as that which can be
shown for running applications in the Application Library. Similar to the Servers
30 |
display, administrators and power users can close application sessions for users by
clicking the X under Close, which opens a Close Sessions dialog box.
| 31
User Database
On the User Database page, you can add users and groups to the server’s user
database. See Adding and Editing Users and Groups
If, for example, a new user logs in, you need to click refresh in
browser to update the User Database page.
Prefe re n c es
On the Preferences page you access server administrative preferences and settings.
Administrators and, depending on the preference settings, power users have access
the Preferences page, but only administrators can change preference settings. At
the bottom of the COMSOL Server window, click Save to store the changes to the
preferences. You can also click Revert to Saved to restore the settings to those that
were most recently saved. If you have unsaved changes to preferences settings,
32 |
those settings appear with a red asterisk. To restore the original preference
settings, click Factory Settings.
G ENERAL
Under General, you can control the following settings:
• Choose the language to use for COMSOL Server from the Language list.
COMSOL Server supports the same languages as the COMSOL Desktop
user interface.
• Choose a web rendering type from the Web rendering list: WebGL™ (the
default) or Images from server. WebGL is a standard for interactive 3D and 2D
graphics in web browsers. The option Images from server is used for browsers
that do not support WebGL. It renders by generating images instead of offering
interactive graphics. The COMSOL Client for the Windows® operating system
provides the same interactive graphics rendering options as the COMSOL
Desktop user interface: OpenGL, DirectX, and Software. These options are
chosen from the COMSOL Desktop Startup menu icons.
In addition, the settings in the following tables are available:
| 33
S ESSIONS
The table below summarizes the settings in the Sessions section.
SETTING
DEFAULT
DESCRIPTION
Max number of
concurrent applications
per user
4
The maximum number of concurrently running
applications per user.
Idle timeout (s)
0
The maximum idle time in seconds before idle
applications are closed. This option makes it
possible to reduce resources and licenses required
on the server. The default (0) is an infinite timeout
time.
Runtime timeout (s)
0
The maximum total elapsed time in seconds
before running applications are closed. This option
makes it possible to reduce resources and licenses
required on the server. The default (0) is an infinite
timeout time.
Username for license
checkout
From
operating
system
Controls what username is logged for checking out
licenses when running licenses. Select From
operating system to use the name of the user
account used to launch COMSOL Server. Select
From COMSOL Server to use the name of the
COMSOL Server account, which can make it
easier to track license usage among users.
Show side menu for
applications
On
Enable or disable the side menu that is available
when running applications in a web browser.
P ROCESSES
To allow faster launching of applications, application processes are prelaunched
and reused on the server. Additionally, a number of applications are preloaded in
these processes. The following table summarizes the settings in the Processes
section.
34 |
SETTING
DEFAULT
DESCRIPTION
With secondary
servers connected,
launch processes
on
Only secondary
servers
Choose to launch application processes on only
secondary servers or on both primary and
secondary servers.
Enable
prelaunching and
reuse of processes
On
The default setting allow for a specified number
of processes that can be used for prelaunching
and reuse. Choose Off to disable prelaunching
and reuse of application processes. The
following three settings apply when this option is
set to On.
Minimum number
of processes
1
The minimum number of processes to
prelaunch and reuse.
Maximum number
of processes
4
The maximum number of processes to
prelaunch and reuse.
Process keep alive
timeout (s)
0
The time (in seconds) that a process should be
kept alive when they are not claimed by an
application session. The default (0) means that
the processes will never be shut down.
Recently run
1
This setting allows an administrator to manually
set the number of prelaunched application
processes that should be available for launching
applications.
Preloaded
applications
No selected
application.
Select the applications to be preloaded. The
selected applications are explicitly preloaded. If
there is overlap with the most recently run
applications, the overlapping applications are still
only loaded once.
Under Preloaded
Applications:
A guideline for choosing these values is that the Minimum number of processors
value should correspond to the expected number of applications being started
simultaneously in a narrow time span, while the Maximum number of processors
value should correspond to the expected median number of applications that will
run simultaneously at any point in time. You can also set a Process keep alive
timeout, after which prelaunched processes in excess of the minimum number of
processes are shut down by COMSOL Server if they are not claimed by an
application session before that timeout is reached. When secondary servers are
| 35
connected, the settings for number of processes are counted per server. For
example, if you have 4 secondary servers you by default get a minimum of 4
prelaunched processes in total, or 5 processes if set to launch processes on Both
primary and secondary servers.
E MAIL
In the Email section you can define the settings for sending emails from
applications:
SETTING
DESCRIPTION
Host
The email server’s host name.
Port
The port number (default: 25).
Connection security
Use no connection security (None; the default), or use an
encrypted connection for emails sent from applications by selecting
STARTTLS or TLS/SSL.
User
The user account for logging in to the email server, if required by
the server.
Password
Password for the user account, if required by the server.
From address
The sender’s email address for emails sent from applications.
PERMISSIONS
In this section, and administrator can control the following permission rights:
Select or clear the Allow Power users to create and delete users and groups and Allow
Power users to view preferences check boxes to control or restrict the access for
power users to these administrative tools. By default, these check boxes are
selected. Also, select the Allow Users and Guests to view license information check
box to allow uses and guests to click Licensed and Used Products in the About
COMSOL Server™ window and view a list of licensed products and their use on the
Licensed and Used Products page.
F ILES
The table below summarizes the settings in the Files section.
SETTING
DESCRIPTION
Folder for uploaded applications
Folders for MPH-files.
Folder for user files (user:///)
Folders for files referred to in MPH-files.
Folder for common files (common:///)
Common storage area for files created by applications.
36 |
SETTING
DESCRIPTION
Folder for temporary files (temp:///)
Storage area for temporary files created by
applications.
Application upload max file size in MB
The largest size of any application that can be uploaded
(in MB). The default is 4096 MB.
S ECURITY
The following security settings are available on the Preferences page in the
COMSOL Server web interface when you are logged in as an administrator. (The
corresponding settings in COMSOL Multiphysics can be found on the Security
page in the Preferences dialog box, which you open from the COMSOL Desktop.)
• Select the Allow batch jobs check box to allow applications to run detachable
batch jobs. These are separate COMSOL Server processes where the
simulation is stored on file when the computation is finished. This
functionality is used in the Batch, Batch Sweep, Cluster Computing, and
Cluster Sweep nodes in the COMSOL Desktop model tree.
• Select Allow external processes and libraries to allow applications to start
external processes on the computer hosting COMSOL Server. This includes
using the built-in executeOS() method. This setting also allows external C
libraries to be called from methods in an application. The security settings
do not extend to methods used to access the model object.
Under Methods and Java libraries:
• The Enforce security restrictions check box is selected by default. If selected,
this check box enforces the following restrictions on methods and Java
libraries:
- Select the Allow access to system properties check box to read and write values
to system properties such as System.getProperty("cs.np") which can be
used to determine the number of cores that COMSOL Server currently uses.
- Select the Allow changes to the runtime system check box to allow methods
and Java libraries to change the runtime system — for instance, by modifying
class loaders.
- From the File system access list, select Temporary and application files (the
default) to restrict methods and Java libraries to only have access to such files,
or select All files to allow methods and Java libraries to access all files that the
| 37
account used to start the COMSOL Server service (default: LocalService) has
permissions to access on the file system.
- Select the Allow access to network sockets check box to allow methods and
Java libraries to open sockets for network access.
- Select the Allow control of the network authentication method check box to
allow methods and Java libraries to control the network authentication
method used.
- Select the Allow access to classes through reflection check box to allow access
to all members in a class through reflection.
- Select the Allow access to runtime security settings check box to allow methods
and Java libraries to access security settings.
All check boxes above are cleared by default, enforcing those security restrictions.
R ECOVERY
FOR
A PPLICATION B UILDER
The table below summarizes the settings in the Recovery for Application Builder
section.
SETTING
DEFAULT
DESCRIPTION
Save recovery file
Off
Determines if launched applications should be
configured to automatically use recovery files.
This means that failed applications can be
recovered by accessing these files.
Folder for
recovery files
HOME\.comsol\
v53server\recoveries
Common storage area for recovery files.
Click Save to store the updated preference settings.
M ULTICORE
The table below summarizes the settings in the Multicore section.
SETTING
DEFAULT
DESCRIPTION
Number of cores
Auto
Determines if the number of cores assigned to
each application is determined automatically
(Auto) or by manual input (Manual). The
automatic number of cores is balanced for
allowing four apps to run at the same time on
each server.
Manual
All cores
Number of cores assigned to each application in
the manual case. The default number is 1.
38 |
Adjust the Number of cores setting accordingly with respect to expected number
of concurrent users, concurrently running applications, and the number of cores
on the computer hosting COMSOL Server.
C LUSTER
The cluster computing preference settings are the same as the ones on the
Multicore and Cluster Computing preferences page in COMSOL Multiphysics. See
the COMSOL Multiphysics Reference Manual for more information. The settings
here apply whenever a cluster feature is set to Preferences controlled.
R EMOTE C OMPUTING
The remote computing preference settings are the same as the ones on the Remote
Computing preferences page in COMSOL Multiphysics. See the COMSOL
Multiphysics Reference Manual for more information.
R UN A PPLICATION
ON
L OGIN
In the Run application on login section, select the application to run from the
Application list. The default is None (no application is launched and run). If an
application is selected here, it is automatically started when a non-administrative
user logs in. Only administrators and power users can the see the full Application
Library.
A PPLICATION L IBRARY
In this section you can specify which applications that appear and what application
information to show.
Clear the Show demo application check box to remove the demo applications from
the Application Library window.
Select the Hide application properties check box for guests so that guest can run
applications but not view their properties.
Under Running Applications, you can control which application information to
show. You can select and sort the properties by dragging and dropping properties
or using the buttons: up arrow to move a property up; down arrow to move a
property down; minus sign to remove a property from the application information;
and plus sign to add a removed property. The first five of the selected properties
appear directly on the application information cards; the rest are included in the
properties and description information.
Clear the Show progress check box if you do not want progress information to
appear.
| 39
Appearance
On the Appearance page you access settings for the look and feel of COMSOL
Server. Available customizations include colors, logos, login screen content, and
custom HTML. Administrators and, depending on the preference settings, power
users have access the Appearance page, but only administrators can change the
settings. At the bottom of the COMSOL Server window, click Save to store the
changes to the appearance; click Factory Settings to restore the settings to the ones
used when starting COMSOL Server the first time.
G ENERAL
Select an overall color scheme for the COMSOL Server user interface from the
Color scheme list: Default, Light, or Dark.
Under Top Bar, Login Button, and Divider, you can specify the colors to use for
those user interface components on the login screen and the main COMSOL
Server user interface. Specify a hexadecimal RGB value (0–255) or click the color
40 |
picker (see the image below) to specify the colors to use for the primary color,
accent color, and text color.
I MAGES
Here you can add images files for the following images:
• Header image in the COMSOL Server user interface. This image or log will
appear on the top bar. Because it will be displayed above your primary color,
an image with a transparent background is recommended. The image format
can be .png or .gif, the maximum dimension is 250x40 pixels, and the file
size must be smaller than 500 KB.
• Default application thumbnail for applications. This image will be used for
uploaded applications without a thumbnail defined during their creation.
The image format can be .png or .gif, and the file size must be smaller than
500 KB.
• Favicon (shortcut icon or website icon) for your installation of COMSOL
Server. This image appears in the user’s browser tab. This image must be an
.ico file with a size of 16x16 pixels.
In all cases, click Browse to locate and choose an image to use.
L OGIN P AGE
Here you can specify the contents and look of the login page.
| 41
From the Login screen content list, choose Image only (the default), Text only, or
Image and text.
For the image, click Browse under Login screen image to choose another image
than the default COMSOL Server image.
For the text, enter a text to display on the login screen in the Text field.
For all content types, choose a style for the divider from the Divider list: Pulse (the
default) or one of the other available divider styles. Also, if desired, use another
text for the login button. In the Login button text field, Log in to COMSOL Server
appears by default.
C USTOM HTML
In this section you can add custom HTML to the following parts of the COMSOL
Server screen HTML:
• In the End of <head> field, add HTML code to appear at the end of the
<head> section.
• In the Beginning of <body> field, add HTML code to appear at the start of
the <body> section.
• In the End of <body> field, add HTML code to appear at the end of the
<body> section.
The following image shows an example of a customized login screen for
COMSOL Server:
42 |
C O M S O L S e r ve r C o m m a n d s
The general syntax of the COMSOL commands is
<command> [<target>] [<options>] [<target arguments>]
where square brackets indicate optional arguments. The main command to start
COMSOL Server is comsolserver (Windows) or comsol server (Linux and
Mac).
O PTIONS
You can enter various options after the COMSOL Server command and target.
The table below lists the options (See [<options>] in the command syntax)
available for the comsol server command. Always issue these options between
the command and the target (if any).
COMSOL SERVER OPTIONS (CURLY BRACKETS INDICATE DEFAULT VALUES)
COMSOL SERVER OPTION
DESCRIPTION
-np <no. of processors>
Number of processors.
-ipv6
Activate IPv6 support.
-c <path>
License file path.
-prefsdir <path>
Preference directory.
-tmpdir <path>
Temporary file directory.
-autosave {on} | off
Control saving of recovery files.
-recoverydir <path>
Path to recovery directories.
-comsolinifile
Specify custom path to .ini-file used when starting
COMSOL Server.
-forcegcc
Force load of GCC libraries (Linux).
-forcecomsolgcc
Force load of GCC libraries shipped with COMSOL
(Linux).
For the -tmpdir option, the COMSOL software uses the specified directory to
store temporary files. By default, the system temporary directory is used. It is
currently not recommended to run cleanup scripts in the temporary directory
based only on creation date, as that could remove temporary files that were created
when COMSOL Server and its application processes were launched but that are
still required. Use the -prefsdir option to specify the directory where COMSOL
Server stores the preference file.
| 43
Running Applications
COMSOL applications can be run by connecting to COMSOL Server from a web
browser, or from a COMSOL Client for Windows®. The COMSOL Client for
Windows® allows a user to run applications that require a LiveLink™ product for
CAD, as described in Running Applications in the COMSOL Client. In addition,
the COMSOL Client for Windows® supports interactive graphics in 1D, 2D, and
3D.
Running applications in a web browser does not require any installation and no
web browser plug-ins are needed. Running an application in a web browser
supports interactive graphics in 3D using WebGL™ technology. However,
selecting objects in graphics using mouse clicks in not supported when running in
a web browser.
After launching an application in the Application Library, it will become available
under Running Applications and can be reconnected to, even if the original browser
tab or COMSOL Client window housing the application has been closed. To shut
down the running application, click its stop button in the Application Library or
use the side menu available in the top-right corner if running in a web browser.
Administrators can shut down applications from the Monitor page.
You can create shortcuts to quickly access the most used applications from your
desktop. First, open up an application’s detailed view by clicking on its name or
image. From there, you have the option to create a shortcut link that opens the
application, either in COMSOL Client or in your browser.
L og s o f A p p l i c a t i o n U s age
COMSOL Server provides a text-based log file that lists application usage
information and that can be imported into, for example, Microsoft® Excel® for
further processing. After an application has been stopped, a line with information
is appended to a log file, app_usage.txt, that is created in the
.comsol\v53server\statistics directory.
The following information is included for each application run:
• Username
• Server name
• Application name
• Application filename
44 |
• Start time
• Stop time
• Session time (wall clock)
• CPU time
• Number of cores used
R u n n i n g A p p l i c a t i o n s i n a We b B rows e r
Using a web browser you can point directly to the computer name and port
number of a COMSOL Server web interface — for example,
http://abc.mycorp.com:2036. You need to provide a username and password
to log in using the web interface.
| 45
When logged in, the Application Library page displays a list of applications to run.
When logged in as user or guest, the Administration options, in the panel to the
left, are not visible.
46 |
Click Run in browser to run an application in a web browser. Applications are run
in separate tabs in the browser.
You can also click the down arrow in the lower-right corner to choose Run in
COMSOL Client, to run the application using COMSOL Client instead.
Users can upload applications and determine which groups have access. Guests can
only run applications.
In the Application Library, when you have running applications, you can click Grid
View and List View in the upper-right corner to display the running application as
a grid with information about each running application or as a list of running
applications.
| 47
In the example above, information about three running applications appear in the
grid view. The information for an application is extended with live data for the
running application sessions. An administrator can select the type of live data
shown for a running application as well as the order in which they appear, by
choosing from the following predefined information items: Session time,
Connected in, Idle time, Process CPU, Start time, CPU time, Physical memory,
and Virtual memory. At most five of the selected items are shown directly on the
running applications in this view.
48 |
An administrator can also select to display a progress bar showing the completed
percentage of an on-going computation. The selection and sorting of items is
done on the Preference page under Application Library.
Click on the application icon or name to show a description and some general
information about that application. For a running application, all the available data
information appears.
In the information display, under Products used, you find the COMSOL products
used to create and run the application. From this display, you can also launch the
application and create a shortcut for running the application in a browser on using
COMSOL Client.
Click the Add to Favorites button (star) to add that application as a favorite
application. You can filter the list of applications in the Application Library to only
include favorite applications. For an application already marked as a favorite, click
the star next to the application under Favorites to remove it from the set of favorite
applications.
| 49
S IDE M ENU
FOR
A PPLICATIONS
When running applications in a web browser, users can access some actions
directly by pointing to the top-right corner (the following figure shows a close-up
of the side menu).
The following options are available, depending on the preference settings for
reconnecting to running applications and launching applications on login:
• Application Library (if Run application on login is set to None): Leave the
application running and navigate to the Application Library.
• Close Session: Close the application and navigate to the Application Library,
if Run application on login is set to None, or just close the application, if Run
application on login is active (an application is selected from the Application
list).
• Log Out: Leave the application running and log off the current user, or close
the application and log off the current user, if Run application on login is active
(an application is selected from the Application list).
50 |
U PLOADING
AND
E DITING A PPLICATIONS
As a user or administrator, you can expand the Application Library by uploading
applications (MPH-files). Click Upload, in the panel to the left, to open the Upload
Application dialog box.
Drag and drop application files to upload, or click Choose applications to browse
and select the applications to upload. Then select an option under Visibility: Public,
Group, or Private (the default). A public application is available to all users.
An application with a group visibility is available to members of the groups that
you select under Groups. A private application is available only to the user who
uploads it.
Click Upload to upload the selected applications. When you have uploaded an
application, a message Your application has been uploaded appears at the top of the
COMSOL Server window. The uploaded application gets an orange border to
identify that it has recently been uploaded.
| 51
To edit user applications (demo applications cannot be edited), click the
application icon and then click the Edit button in the lower-left corner of the
information window to open the Edit Application dialog box.
You can change the visibility of the application. This dialog box also contains a
Delete button to delete the application from the Application Library and a Save
button to save any new visibility settings.
S ORTING
AND
F ILTERING A PPLICATIONS
The menu at the top of the Application Library window contains options for
sorting and filtering the applications:
• From the Sort By list, choose to sort the applications by Name
(alphabetically), which is the default, Date uploaded (showing the latest
uploaded application first), or Author.
52 |
• From the Filter list, choose All (the default); Favorites; or one of Public, All
groups, or Private, or any available group.
C HANGING P ASSWORD
Under Your Settings in the menu to the left, click Change Password to open a
Change Password dialog box where you can change the password used to log in to
COMSOL Server.
L IMITATIONS W HEN R UNNING A PPLICATIONS
IN
WEB B ROWSERS
When you create applications for running in a web browser, make sure you use the
grid layout mode in the Application Builder. This will ensure that the user
interface layout adapts to the size and aspect ratio of the browser window. For
low-resolution displays, make sure to test the user interface layout in the target
platform to check that all form objects are visible. Applications that contain
resizable graphics forms may not fit in low-resolution displays. In such cases, use
graphics with fixed width and height to make sure all form objects fit in the target
browser window.
When running in a web browser, the interactive selection of domains, boundaries,
edges, and points is not supported. The LiveLink™ products for CAD software
packages are not supported when running in a web browser.
| 53
When running COMSOL applications in web browsers for smartphones and
certain tablets, not all functionality is supported. Typical limitations include the
ability to play sounds or open documents. In addition, file upload and download
may not be supported.
Running Applications in the COMSOL Client
As an alternative to using a web browser for running applications, the COMSOL
Client for Windows® can be used to connect to COMSOL Server and run
applications natively in the Windows® operating system. This typically gives better
graphics performance and supports interactive graphics in 1D, 2D, and 3D. In
addition, the COMSOL Client for Windows® allows applications that require a
LiveLink™ product for CAD, as listed below.
You can install the COMSOL Client together with COMSOL Server. You can
also download the COMSOL Client from www.comsol.com/client-download as
COMSOL53_client_win64.exe. The size of an installation file is about 40 MB
and expands to about 70 MB in the installation.
Double-click the download file to start the COMSOL Client installer:
In the next few steps of the installer, accept the license agreement and choose the
installation folder.
54 |
In the step Select Installation Options you get the options shown in the figure
below.
The following LiveLink™ products are available in the COMSOL Client:
• LiveLink™ for AutoCAD®
• LiveLink™ for Excel®
• LiveLink™ for Inventor® (One Window interface not available)
• LiveLink™ for PTC® Creo® Parametric™
• LiveLink™ for PTC® Pro/ENGINEER®
• LiveLink™ for Revit®
• LiveLink™ for Solid Edge®
• LiveLink™ for SOLIDWORKS® (One Window interface not available)
Once installed, double-click the Desktop or use the Start menu icon to start.
There are three Start menu options depending on the graphics renderer you want
to use: DirectX, OpenGL, and Software. When clicking the Desktop icon, the default
OpenGL renderer will be used. If the OpenGL renderer fails to function properly —
for example, due to limitations in the graphics card — then the COMSOL Client
shuts down. The next time you start the COMSOL Client, Software rendering will
| 55
be used as a fallback renderer. The OpenGL and DirectX options use hardware
graphics acceleration and give higher performance on supported graphics cards.
The installation options also let you associate the MPH-file type with the
COMSOL Client installation.
Before you can use the COMSOL Client to run applications, you must log in to
the COMSOL Server web interface with a valid username and password.
Logging in from the COMSOL Client displays a COMSOL Server web interface
identical to that seen when logging in from a web browser. Using the COMSOL
Client, applications run as native Windows® applications in separate windows that
have a Windows® look-and-feel. For example, applications run in the COMSOL
Client may have a Windows® specific ribbon with tabs. When run in a web
browser, ribbons are represented by a toolbar.
You can launch an application directly in the COMSOL Client through the
COMSOL Server interface by clicking the menu at the lower-right side of the
application in the Application Library and selecting Run in COMSOL Client.
For more information on running applications, see Running Applications in a Web
Browser.
R u n n i n g A p p l i c a t i o n s t h a t u s e L i ve L i n k P ro d u c t s
Most of the LiveLink™ products can be used in applications run with COMSOL
Server. However, in some cases the functionality is limited compared to running
with a COMSOL Multiphysics license that includes the COMSOL Desktop.
Depending on the LiveLink product, software components are installed with the
56 |
COMSOL Client or COMSOL Server. The table below summarizes where the
software components are installed and which functionality is available.
LIVELINK PRODUCT
LOCATION OF
SOFTWARE
COMPONENTS
FUNCTIONALITY
LiveLink™ for MATLAB®
Server
Support within applications is
limited to function calls from the
Global Definitions node in the
model tree, which can be used only
when accessing an application in a
web browser. LiveLink™ for
MATLAB® also supports
connecting from MATLAB®to
COMSOL Server using the
COMSOL API.
LiveLink™ for Excel®
Client
Loading and saving files are
supported.
LiveLink™ for SOLIDWORKS®
Client
Same as COMSOL Desktop, with
the exception that the One
Window interface is not supported.
Not supported when running
applications in a web browser.
LiveLink™ for Inventor®
Client
Same as COMSOL Desktop, with
the exception that the One
Window interface is not supported.
Not supported when running
applications in a web browser.
LiveLink™ for AutoCAD®
Client
Same as COMSOL Desktop. Not
supported when running
applications in a web browser.
LiveLink™ for Revit®
Client
Same as COMSOL Desktop. Not
supported when running
applications in a web browser.
LiveLink™ for PTC® Creo® Parametric™
Client
Same as COMSOL Desktop. Not
supported when running
applications in a web browser.
LiveLink™ for PTC® Pro/ENGINEER®
Client
Same as COMSOL Desktop. Not
supported when running
applications in a web browser.
LiveLink™ for Solid Edge®
Client
Same as COMSOL Desktop. Not
supported when running
applications in a web browser.
| 57
Running COMSOL Server on Multiple Computers
Running COMSOL Server on multiple computers allows for supporting more
simultaneous users and concurrent applications than a single computer would
support. The main COMSOL Server instance is called Primary and the rest are
called Secondary. The Primary server is used for all incoming connections — for
example, to show the web interface or to run applications in a web browser or with
COMSOL Client. The actual work of running the applications is offloaded to the
Secondary server computers (you can also specify it as a preference and run
applications on the primary sever; see Processes).
A prerequisite for running COMSOL Server on multiple computers is
that there is a Shared working directory on the network that is accessible
by all Primary and Secondary servers. The user account that is used to run
the COMSOL Server instances should have read and write access to this
directory. See Setting up a Shared Working Directory for information
about how to do this using the Windows operating system, and refer to
other documentation sources for sharing a directory on Linux or macOS.
I n s t a l l i n g C O M S O L S e r ve r o n M u l t i p l e C o m p u t e r s
The installation of COMSOL Server on multiple computers is similar to a regular
COMSOL Server installation. You first install the Primary COMSOL Server on
one computer and then install Secondary COMSOL Servers on the other
computers. During the installation you point out a Shared working directory on
the network that must be accessible for COMSOL Server on all of the installed
computers.
Optionally it is possible to share a common installation folder on the
network for all computers running COMSOL Server, both Primary and
Secondary. See the Sharing a COMSOL Server Installation for more
information.
58 |
I NSTALLING
THE
P RIMARY COMSOL S ERVER
On the Options page of the installer, choose Primary. On the Server page of the
installer, select the Support running COMSOL Server on multiple computers check
box and browse to your Shared working directory. The subdirectory v53server
will be appended to the working directory path to keep different versions of
COMSOL Server apart. Under Primary server hostname, the installer fills in a
guess for the hostname that the Secondary servers should use to contact the
Primary server. This should be a valid hostname that resolves to the primary
computer’s IP address.
When installing the primary COMSOL Server as a Windows service, the service
account must be able to access the shared working directory on the network. For
this reason, the default Service account changes from LocalService to NetworkService
when you select the Support running COMSOL Server on multiple computers check
box on the Server page. The NetworkService account presents itself as the
computer’s credential on the network, allowing it to access network shares
without a regular user account.
If installing COMSOL Server as a Windows service on a computer that is
not joined to a domain, the NetworkService account cannot be used
because computer credentials are not valid on work group networks. A
local user account should be entered instead in the Service account field.
I NSTALLING
THE
S ECONDARY COMSOL S ERVER
On the Options page of the installer, choose Secondary. On the Server page of the
installer, browse to your Shared working directory under Secondary COMSOL Server
settings to automatically load the settings used during the primary installation for
the Primary server hostname, Primary server port, and Primary server username
fields. If the loaded settings are not correct you can edit them before continuing,
for example if the secondary server would have to use a different hostname to
reach the primary server.
The path to the Shared working directory does not necessarily have to be identical
for the primary and secondary installation, as long as it points to the same directory
on all installations. For example, the path could be written as
\\ServerName\shared\v53server on Windows and
/mnt/servername/shared/v53server on Linux.
| 59
S t a r t i n g C O M S O L S e r ve r o n M u l t i p le C o m p u t e r s
The primary COMSOL Server is started similarly to a regular COMSOL Server
installation, either automatically or manually, which is described in Starting
COMSOL Server. Once the primary COMSOL Server has started, you can log in
with an administrative user and check on the Monitor page that the secondary
COMSOL Servers have connected.
Secondary COMSOL Servers are also started similarly to a regular COMSOL
Server installation. Once the secondary COMSOL Servers are started they
periodically try to connect to the primary COMSOL Server. This means that the
starting order of the primary and secondary COMSOL Servers is not important
Settin g up a Sh ared Wo r king Director y
S HARING
A
D IRECTORY
IN
W INDOWS
The following steps provide a basic procedure for setting up a Shared working
directory in Windows® for installing COMSOL Server on multiple computers:
1 Create a new folder in a convenient location on the computer that should host
the share.
2 Right-click the folder and choose Share with>Specific people.
3 Type Everyone and click Add.
4 Change Read to Read/Write next to Everyone.
5 Click Share.
6 Note the network path to the shared folder (for example,
\\ServerName\shared). This is what you will use during the installation.
Note that this procedure will give anyone on the network access to the share. Once
you know which user accounts and server computers that need to access the share
it is recommended to limit the access to those. Exactly how the shares should be
set up depends on for which user account COMSOL Server has been installed.
The default on Windows is the NetworkService user in the multiple computer
case. This is a special account with limited capabilities, which presents itself as the
computer on the network, not any specific user. In this case, the shares can be
secured as follows:
60 |
1 Right-click the shared folder and choose Properties, then switch to the Security
tab.
2 Click Edit, make sure Everyone is selected and click the Remove button to
remove access to everyone.
3 Click Add, then Object Types and make sure Computers is selected in the list.
4 Click OK and type a semicolon-separated list of all the computers where
COMSOL Server runs under the NetworkService account. (Alternatively, if
NetworkService has not been used, enter the accounts that COMSOL Server
runs under.)
5 Click OK and verify that the entries are added to the list.
6 Select the new entries and select the Full control check box (under Allow) for
each one.
7 Click OK and Close.
Network administrators can also make use of groups to more easily manage access
to the shared directory.
S HARING
A
D IRECTORY
IN
L INUX
OR
M AC
Consult the documentation that came with the operating system for information
about sharing directories on the network.
S h a r i n g a C O M S O L Se r ve r I n s t a l l a t i o n
As an alternative to installing the secondary COMSOL Servers separately on each
computer, it is possible to launch the secondary COMSOL Server processes from
the primary installation directory. To do this, first make sure that the computers
that should run the secondary COMSOL Servers have read access to the primary
installation directory over the network. Then use the procedure described in the
following subsections to launch the secondary COMSOL Server.
When secondary COMSOL Servers are launched from the primary installation
directory, their settings are read from a separate set of secondary .ini files, which
are created during the primary installation. This is similar to the automatic loading
of settings from the Shared working directory during a separate secondary
installation. Network-wise, the primary and secondary computers must be able to
connect to each other both through the main port of the COMSOL Server
(default: 2036) and through the temporary ports used for running applications,
which are in a range from port 2036 to at most port 10406. If the main port is
| 61
changed to a lower value (for example, port 80), the range of temporary ports
remains, whereas if the main port is increased above 2036, the range of temporary
ports is translated. The easiest way to set up the network is to put all computers
running COMSOL Server on a common network behind any firewall. To the
outside, the firewall only needs the main port of the COMSOL Server to be open.
L AUNCHING T HROUGH
A
S HORTCUT
IN
W INDOWS
On the computer that should run the secondary COMSOL Server, do the
following:
1 Navigate to the primary installation directory (for example,
\\ServerName\installation\COMSOL53\Server\bin\win64).
2 Right-click comsolserver.exe and choose Create Shortcut. Accept to have it
on the desktop because you cannot write to the installation directory.
3 Locate the new shortcut, right-click, and open the Properties. Add -secondary
to the end of the Target field.
4 Double-click the shortcut to launch the secondary COMSOL Server.
I NSTALLING
AS A
S ERVICE
IN
W INDOWS
On the computer that should run the secondary COMSOL Server, do the
following:
1 Open an administrative console (Windows-key + type cmd + right-click it and
choose Run as Administrator).
2 Enter the following command (notice that the spaces after, but not before, the
equal signs are mandatory; adapt the network path to match your installation):
sc create "COMSOLSecondaryService" binpath=
\\ServerName\installation\COMSOL53\Server\bin\win64\
comsolservicesecondary.exe
obj= "NT AUTHORITY\NetworkService" password= "" start= auto
3 The service is now installed. Enter this command to start it:
sc start "COMSOLSecondaryService"
L AUNCHING
ON
L INUX
AND
M AC
Use the procedure described in Starting COMSOL Server but append the
-secondary flag to the command.
62 |
Configuring COMSOL Server
To operate COMSOL Server, you must set up user authentication (password
validation) and authorization (groups and roles) for your users.
One administrator account can be added during installation. You
can also create an administrator after installation using
comsolserver.exe in the Windows® operating system or
comsol server in the macOS and Linux® operating systems.
COMSOL Server can maintain its own local user database. This is the easiest way
to set up the server. In addition, you can use your operating system’s user
authentication method.
Using the authentication method of your operating system is
supported when accessing COMSOL Server from a web browser
or from COMSOL Client over a secure connection.
C o n f i g u r i n g a L o c a l U se r D a t a b a s e
Using the COMSOL Server installer, you can set up an initial administrator
account. When no administrator account has been set up for COMSOL Server,
the initial administrator account is created the first time it is started.
You can add more users to the local user database as soon as COMSOL Server is
started. These users are automatically added to the local user database of your
COMSOL Server installation.
In a web browser, go to http://localhost:2036 (if you are accessing it
remotely, use the computer name — computer name and domain, or the local IP
address — of your server instead of localhost). If the port number 2036 is taken,
| 63
then COMSOL Server will use the next available port number: 2037, 2038, and
so on. Log in to COMSOL Server with your username and password.
Press return or click Log in to COMSOL Server. If you log in for the first time, you
must also read the COMSOL Software License Agreement and click Accept to
enter the COMSOL Server web interface.
You can log out from COMSOL Server by clicking Logout in the upper-right
corner of the COMSOL Server web interface.
64 |
A DDING
AND
E DITING U SERS
AND
G ROUPS
When you run COMSOL Server as administrator or power user, you have access
to a User Database page under Administration in the menu on the left side of the
COMSOL Server web interface.
From this page, you can manage users and groups for running and accessing
applications. Under Users, you see all users with their username, role, groups they
belong to, and status (if the user is logged in or not). Click a column header for a
user property to sort the users in alphabetical order based on that property. Click
the Edit User button (the pen icon) to open an Edit User dialog box for a user,
| 65
where you can change the password, role, and which groups the user moderates
(power users only) and belongs to.
Click Save to store the new user properties. You can also click Log Out User to log
out a user that is currently logged in, or click Delete to remove a user from the list.
66 |
Adding a New User
To add a new user, click the Add New User button.
In the New User dialog box, specify the Username and Password (you need to
confirm the password in the Repeat password field). Under Role, click
Administrator, Power user, User (the default), or Guest, depending on the role that
you want the user to have (see Users and Roles in COMSOL Server). If you are
logged in as a power user, you can only add users and guests. Under Groups, select
the check boxes for the available groups that you want the new user to belong to.
Finally, click Save to store the new user and its properties. The new user then
appears in the list under Users.
| 67
Adding Groups
You can use groups to ensure that users assigned to the same group can view and
run the same applications. Available groups appear on the User Database page
under Groups. To add a new group, click the Add New Group button.
In the New Group dialog box, enter a Group name. You can also specify an
application to run when logging in as a member of this group. Such a setting, if
chosen, overrides the global preference for which application to run. From the
Run application on login list, choose Use global preference (None), Disable for this
group, or choose any of the available applications listed below. Click Save to add
the new group. The added group then appears in the list under Groups.
You can control the visibility of the applications so that they are available only for
users within a certain group (or groups). Click on a group to open a dialog box
where you can change the setting for running an application on login. You can also
click Delete to remove that group.
68 |
C o n f i g u r i n g W i n d ow s A u t h e n t i c a t i o n
In addition to the local user database, the COMSOL Server installer for the
Windows® operating system makes it possible to use Windows® authentication.
To determine which Windows users are allowed to log in, and which COMSOL
Server roles they should have, you set up a mapping between Windows® groups
and COMSOL Server roles.
You will find the login configuration file created by the installer in
<Installation>\bin\tomcat\conf\login.config . In addition, there is a sample file for
Windows® authentication available in the file
<Installation>\bin\tomcat\conf\login.win.config :
ComsolServerLogin {
waffle.jaas.WindowsLoginModule optional
principalFormat=both
roleFormat=fqn;
com.comsol.jaas.ComsolServiceLoginModule optional
authenticate=true
"BUILTIN\\Administrators"=ComsolServerAdministrator
"BUILTIN\\Users"=ComsolServerUser
"Everyone"=ComsolServerGuest;
};
By modifying this login.win.config file and copying it to the file login.config you can
change the actual configuration used by the server and thus override any settings
made by the installer.
The lines
"BUILTIN\\Administrators"=ComsolServerAdministrator
"BUILTIN\\Users"=ComsolServerUser
"Everyone"=ComsolServerGuest;
map the Windows® groups Administrators, Users, and Everyone to the role
identifiers. The available role identifiers are ComsolServerAdministrator,
ComsolServerPowerUser, ComsolServerUser, and ComsolServerGuest,
corresponding to the COMSOL Server roles administrator, power user, user, and
guest, respectively.
For the details about settings in the configuration file, see the section Advanced
Login Configuration in this chapter.
| 69
Finally, use administration tools in Windows® to set up users and groups. For
example, use the Control Panel and the User Accounts settings in the control
panel.
Using the authentication method of your Windows® operating
system is supported when accessing COMSOL Server from a web
browser or from COMSOL Client over a secure connection.
C o n f i g u r i n g A c t i ve D i re c t o r y o r L DA P
In addition to the local user database and to the Windows Authentication available
on the Windows® operating system, it is possible to use a Windows® Active
Directory® or LDAP server to authenticate users. This means that you can use
your Active Directory® or LDAP usernames and passwords to log in to COMSOL
Server.
Configuring COMSOL Server to use an Active Directory or LDAP server for
authentication requires editing the configuration file at:
<Installation>\bin\tomcat\conf\login.config . There is a sample file for Active
Directory® authentication available in the file
<Installation>\bin\tomcat\conf\login.ad.config :
ComsolServerLogin {
com.sun.security.auth.module.LdapLoginModule OPTIONAL
userProvider="ldap://ldap.example.com:3268/DC=example,DC=com"
authIdentity="{USERNAME}@example.com"
userFilter="(&(sAMAccountName={USERNAME})(objectclass=user))"
authzIdentity="{MEMBEROF}"
useSSL=false;
com.comsol.jaas.ComsolServiceLoginModule OPTIONAL
authenticate=true;
};
In addition, a sample file for OpenLDAP is available in the file
<Installation>\bin\tomcat\conf\login.openldap.config :
ComsolServerLogin {
} com.sun.security.auth.module.LdapLoginModule REQUIRED
userProvider="ldap://ldap.example.com/ou=People,dc=example"
userFilter="(&(uid={USERNAME})(objectClass=inetOrgPerson))"
authzIdentity="{MAIL}"
useSSL=false;
com.comsol.jaas.ComsolServiceLoginModule required
authenticate=false;
};
70 |
Modify the sample files and overwrite login.config with the changes to configure
Active Directory® or LDAP authentication. You need to replace
ldap.example.com, example, and com with the name of your Active Directory®
or LDAP server and DC=example, DC=com with the settings of your Active
Directory® or LDAP server, respectively.
You need to add each user and the user’s associated role to the
roles.properties file in <Installation>\bin\tomcat\conf\. COMSOL
Server will user the username and password to authenticate. Use the syntax
alice=ComsolServerAdministrator;
dave=ComsolServerUser;
carol=ComsolServerGuest;
to add roles to the users alice, dave, and carol. ComsolServerAdministrator,
ComsolServerUser, and ComsolServerGuest are valid as the right-hand side,
representing the administrator, user, and guest roles in COMSOL Server,
respectively.
Alternatively, if a user has attempted to log in using an Active Directory® or LDAP
username, you can assign a role for that user from the COMSOL Server web
interface by editing the automatically created user account under
Administration>User Database.
The LDAP login module that COMSOL Server uses does not allow direct
mappings from Active Directory groups to COMSOL Server roles.
For the details about settings in the configuration file, see the section Advanced
Login Configuration in this chapter.
Active Directory® and LDAP authentication is supported when
accessing COMSOL Server from a web browser or from
COMSOL Client over a secure connection.
A d v a n c e d L og i n C o n f i g u r a t i o n
COMSOL Server uses the pluggable authentication mechanisms of JAAS (Java®
Authentication and Authorization Services). Using JAAS configuration files you
can configure to use Windows® authentication and LDAP authentication. You
| 71
can also combine local database users and operating system users by merging
configurations.
Using the operating system authentication method is supported
when accessing COMSOL Server from a web browser or from
COMSOL Client over a secure connection.
L OGIN M ODULE C ONFIGURATION F ILES
The COMSOL Server installation includes prepared login configuration files. Use
a suitable file, modify it, and replace the login.config file with an edited file to
configure the required login module.
Configuration Files in <Installation>\bin\tomcat\conf
FILE NAME
FILE DESCRIPTION
ACTION
login.config
Login configuration file
Contains the login configuration that the
running server uses.
login.openldap.config
LDAP configuration
sample file
Modify and copy to login.config to use a
OpenLDAP configuration.
login.ad.config
Active Directory sample
file
Modify and copy to login.config to use a
Active Directory configuration.
login.win.config
Windows authentication
sample file
Modify and copy to login.config to use a
Windows® authentication configuration.
login.local.config
Local configuration
sample file
Modify and copy to login.config to use a
local user database configuration.
login.properties
Initial user and password
file
Created by installer. Automatically copied
to the <user home>\.comsol\v53server\
login.properties of the user account that
started COMSOL Server the first time
the service is started.
roles.properties
Initial policy group file
Created by installer. Automatically copied
to the <user home>\.comsol\v53server\
service\roles.properties of the user
account that started COMSOL Server the
first time the service is started.
The local user database is represented by two files:
• The login.properties file, which contains the local user database. Each
row in this file represents a user. The username is followed by an equal sign and
72 |
a hashed password. The file should only be readable to the account running
COMSOL Server.
• The roles.properties file, which contains the roles of the users. Each row
in this file contains a user. The username is followed by an equal sign and a
semicolon-separated list of roles and groups that the user is associated with.
COMSOL L OGIN M ODULE
Configurable login modules are used to achieve the desired mechanism, and you
can combine multiple modules in an authentication and authorization chain.
A local user database is used by the default JAAS configuration for both
authentication (password validation) and authorization (groups and roles). A local
user account with administrative privileges can be created during the installation
process to allow subsequent login. It is also possible to configure COMSOL
Server to allow logins using nonlocal accounts optionally with a mapping from
nonlocal to local groups and roles as a part of the installation process.
The COMSOLServiceLoginModule can be used to perform authentication and
authorization of users based on the local user database or to perform mapping of
nonlocal to local roles and groups. This login module always gives administrative
privileges to the user owning the COMSOL Server process and all authenticated
users belong to the group Authenticated, which gives access to the COMSOL
Server web interface.
| 73
COMSOLServiceLoginModule Configuration Options
OPTION
VALUES
DESCRIPTION
debug
true/false
Debug information will be printed to the console.
authenticate
true/false
Determines if the module is used for
authentication or only for mapping of roles and
groups.
non-local-principal
<local-principal>
Any number of mappings from nonlocal role and
group names to local; note that multiple nonlocal
roles and groups can map to the same local roles
or groups but there can be only one mapping per
nonlocal role or group.
Other login modules: Any JAAS-compliant login modules can be
used as a part of the authentication sequence, but configuration
sometimes requires detailed knowledge about the authentication
server setup and IT system administrator skills.
JAAS C ONFIGURATION F ILE S YNTAX
The configuration file is a text file with an arbitrary name and extension containing
any number of entries of the form
COMSOLServerLogin {
LoginModuleClassName <behavior>
<option1> = <value1>
<option2> = <value2>;
}
LoginModuleClassName is the full name of a class implementing the
LoginModule interface, and in addition to those provided in the Java distribution
(like com.sun.security.auth.module.LdapLoginModule), COMSOL Server
provides com.comsol.jaas.ComsolServiceLoginModule.
For integrated Windows® authentication the
waffle.jaas.WindowsLoginModule is also included in the installation.
The <behavior> can be one of the following keywords:
• required — must authenticate the user
• requisite — no subsequent login modules will run if this fails
• sufficient — continues to run the other login modules in the list on
failure
• optional — at least one optional module must succeed if all are optional
74 |
The <option> is one of the valid options for the login module, and <value> is a
valid selection for this option. The configuration entry for one login module is
terminated by a semicolon, after which any number of additional login module
configuration entries can appear. However, there can be only one configuration
entry per login module.
The COMSOL Server login configuration file
installation-path/bin/tomcat/conf/login.config
is created during installation according to the selected options.
A configuration example for integrated Windows® authentication:
ComsolServerLogin {
waffle.jaas.WindowsLoginModule required
principalFormat=both
roleFormat=fqn;
com.comsol.jaas.ComsolServiceLoginModule required
authenticate=false
"BUILTIN\\Administrators"=ComsolServerAdministrator
"BUILTIN\\Users"=ComsolServerUser
"Everyone"=ComsolServerGuest;
};
In this case, the user must be authenticated by the
waffle.jaas.WindowsLoginModule, and the
com.comsol.jaas.ComsolServiceLoginModule performs a mapping of
groups from the Windows® account to COMSOL Server roles without
authenticating the user.
The following is a configuration example using either the LDAP interface of an
Active Directory server for authentication or the COMSOL Server local user
database:
ComsolServerLogin {
com.sun.security.auth.module.LdapLoginModule optional
userProvider="ldap://ldap.example.com:3268/DC=example,DC=com"
authIdentity="{USERNAME}@example.com"
userFilter="(&(sAMAccountName={USERNAME})(objectclass=user))"
authzIdentity="{MEMBEROF}"
useSSL=false;
com.comsol.jaas.ComsolServiceLoginModule optional
authenticate=true
examplegroup=ComsolServerAdministrator
;
};
• If login is successful with the LdapLoginModule, the users belonging to the
group examplegroup get the ComsolServerAdministrator role.
• If login is successful with the ComsolServiceLoginModule, only the local
user database is used to assign roles to the user.
| 75
R u n n i n g C O M S O L S e r ve r B e h i n d a R ever s e P roxy
In some cases it is advantageous to use a reverse proxy server as an intermediary
between COMSOL Server and its users. Use cases of a reverse proxy server
include:
• Providing many web services with the same host name, for example serving
COMSOL Server from http://example.com/comsolserver and another
web mail server at http://example.com/webmail.
• Offloading SSL encryption onto the reverse proxy server, either for using
hardware-accelerated encryption or simply to not have to configure
encryption for each web service separately.
• Firewall features that protect the web service from attacks.
To support serving COMSOL Server at the path /comsolserver (as in the
example above), the reverse proxy must be configured as follows:
1 Pass any regular HTTP requests to
http://example.com/comsolserver/foo on to the primary COMSOL
Server as, for example, http://comsolserver.com:2036/foo.
2 Correctly forward web socket requests (RFC 6455) in the same way as HTTP
requests.
It is not necessary to let the reverse proxy server adjust the Location,
Content-Location, and URI headers for redirected responses, since COMSOL
Server responds with relative URI paths even for redirects. It should also normally
not be necessary to adjust any proxy timeouts, since COMSOL Server periodically
sends some bytes on open network connections to keep them alive.
S AMPLE C ONFIGURATION
FOR
NGINX
The following configuration directives allow for running COMSOL Server behind
the NGINX reverse proxy server:
map $http_upgrade $connection_upgrade {
default upgrade;
''
close;
}
client_max_body_size 0;
server {
listen
server_name
80;
example.com;
location /comsolserver {
if ($request_uri ~ "^/comsolserver(/.*)$") {
76 |
proxy_pass http://127.0.0.1:2036$1;
break;
}
rewrite (.*) $1/ permanent; # add missing slash
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
To enable SSL encryption (that is, https://example.com/comsolserver), a
redirect should be added to another entry for the secure port:
server {
listen
80;
server_name example.com;
location /comsolserver {
return 301 https://$host$request_uri;
}
}
server {
listen
443;
server_name example.com;
ssl on;
... # SSL settings
location /comsolserver {
if ($request_uri ~ "^/comsolserver(/.*)$") {
proxy_pass http://127.0.0.1:2036$1;
break;
}
rewrite (.*) $1/ permanent; # add missing slash
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
In both of the above examples, 127.0.0.1:2036 is the IP address and port of the
primary COMSOL Server installation.
S AMPLE C ONFIGURATION
FOR
A PACHE
MOD _ PROXY
The following configuration directives allow for running COMSOL Server behind
an Apache mod_proxy reverse proxy server:
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
| 77
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^/comsolserver/(.*) ws://127.0.0.1:2036/$1 [P]
RewriteRule ^/comsolserver$ /comsolserver/ [R=301]
ProxyPass /comsolserver/ http://127.0.0.1:2036/ nocanon
</VirtualHost>
To enable SSL encryption (that is, https://example.com/comsolserver), a
redirect should be added to another entry for the secure port:
<VirtualHost *:80>
RewriteEngine On
RewriteRule ^/comsolserver(.*) https://%{SERVER_NAME}/comsolserver$1
[R=301]
</VirtualHost>
<VirtualHost *:443>
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule ^/comsolserver/(.*) ws://127.0.0.1:2036/$1 [P]
RewriteRule ^/comsolserver$ https://%{SERVER_NAME}/comsolserver/ [R=301]
ProxyPass /comsolserver/ http://127.0.0.1:2036/ nocanon
</VirtualHost>
In both of the above examples, 127.0.0.1:2036 is the IP address and port of the
primary COMSOL Server installation.
S e t t i n g U p C O M S O L S e r ve r fo r S e c u re C o n n e c t i o n s
There are two ways to set up COMSOL Server for secure connections:
• Use a reverse proxy with SSL configured. Then no particular configuration
of COMSOL Server itself is required. The communication between the
reverse proxy server and COMSOL Server will not be encrypted. See
Running COMSOL Server Behind a Reverse Proxy for more information.
• Configure COMSOL Server to use a server certificate, as described below.
C ONFIGURING
A SERVER CERTIFICATE
COMSOL Server can be configured to use a server certificate from a keystore file
with a password through the -keystorefile, -keystorepass, -keypass, and
-keyalias command line switches. The default keystore file location is
78 |
{COMSOL53}/bin/tomcat/conf/keystore.jks (where in the following
{COMSOL53} refers to the version 5.3 installation directory), the default password
is changeit (both for the store and the key), and the default key alias is
COMSOLServer. If the keystore file is successfully loaded, web browsers are
automatically redirected to use a HTTPS connection and COMSOL Client can
connect with the Encryption check box selected. The port used for HTTP can be
configured with the -sslport command line switch.
C REATING
A
S ELF -S IGNED C ERTIFICATE
To create a self-signed certificate on your computer, start a command window and
run
keytool -genkey -alias COMSOLServer -keypass <password> -storepass
<password> -dname "cn=<ServerHostName>, ou=<Org>, o=<Unit>,
c=<CountryCode>" -keyalg RSA -keystore
{COMSOL53}/bin/tomcat/conf/keystore.jks
after having replaced the <*> entries with the information and the passwords that
you want to use. A copy of the keytool command is available in
{COMSOL53}/java/[architecture]/jre/bin if it is not included on your system
path, where [architecture] is win64, glnxa64, or maci64 depending on your
platform. Note that the passwords used for the keystore and key by COMSOL
Server must be specified with the -keystorepass and -keypass switches in the
command used to start COMSOL Server. If installed as a Windows service, you
should run
sc config "COMSOL Service" binpath= "{COMSOL53}/bin/win64/comsolservice.exe
-keystorepass password"
in an administrative console to modify the command. If installed as a systemd
service on Linux (see Starting COMSOL Server in Linux), you would modify the
ExecStart command.
Self-signed certificates are typically not trusted by web browsers and COMSOL
Client. The public part of the certificate therefore needs to be added to the
trust-store of users’ computers. On Windows this can be done using the
Certificate snapin module for the Microsoft Management Console (run
certmgr.msc) by importing the server certificate to the trusted root certificate
issuers category, or via other centralized computer management tools. Web
browsers may also offer their own method of adding security exceptions for
self-signed certificates. COMSOL Client only supports certificates trusted by the
Windows trust-store.
I MPORTING
AN
E XISTING C ERTIFICATE
To use an existing certificate from a trusted certificate authority, you have to
import both the certificate and its chain or root certificate into the keystore file. If
| 79
you can get the certificate in a single file that contains both the certificate and its
chain, such as .p12 or .pfx, then you can import it by adapting the command
keytool -importkeystore -srcalias SRCALIAS -destalias COMSOLServer
-destkeypass changeit -deststorepass changeit -srckeystore cert.p12
-srcstoretype pkcs12 -destkeystore {COMSOL53}/bin/tomcat/conf/keystore.jks
where SRCALIAS is the name of the certificate in cert.p12. If you do not know the
certificate alias in the source file, remove the -srcalias and -destalias
parameters from the command, see which alias the certificate gets in the
destination keystore, and finally use the keytool -changealias command to
change it to COMSOLServer.
If you have the certificate and its chain certificate in separate files, such as .cer or
you should first import the chain certificate with
.key,
keytool -import -alias COMSOLServerRoot -keystore
{COMSOL53}/bin/tomcat/conf/keystore.jks -trustcacerts -file cert.key
and then finally import the certificate:
keytool -import -alias COMSOLServer -keystore
{COMSOL53}/bin/tomcat/conf/keystore.jks -file cert.cer
R e s e t t i n g th e A d m i n i s tr at o r Pas swo rd
How to reset the administrator password of COMSOL Server depends on if it was
installed as a Windows service (default for Windows) or as a Regular executable.
W INDOWS S ERVICE
1 Stop the COMSOL Server service using the Manage Local Services shortcut on
the Start menu.
2 Run the COMSOL Server installer in Repair mode and enter a new Default local
administrative user.
3 Normally the COMSOL Server service is configured to start automatically;
otherwise, start it again using Manage Local Services.
R EGULAR E XECUTABLE
1 Stop the COMSOL Server executable by typing close in the console window,
or killing its process.
2 Run the COMSOL Server installer in Repair mode and enter a new Default local
administrative user.
80 |
3 Start COMSOL Server again.
M i g r a t i n g f ro m a P revi o u s C O M S O L S e r ve r Ve r s i o n
By default, preferences and uploaded applications are automatically migrated from
a previous COMSOL Server version when updating to the current version. The
following section contains information about how to manually migrate from a
previous version, when the automatic migration is not available. Note that any
custom JAAS login configuration (such as LDAP) and custom server certificates
need to be manually migrated.
M ANUAL M IGRATION
Preferences and files of previous versions can be manually migrated to the new
version as needed by copying certain files after the installation. The following table
shows which files to copy to migrate each item:
FILES TO COPY
DESCRIPTION
{vXXserver}/login.properties
{vXXserver}/service/roles.properties
Local user database
{vXXserver}/server.prefs
Preferences
{vXXserver}/service/favorites.properties
Favorites
{vXXserver}/service/web-user-preferences.
properties
User email addresses
{vXXserver}/applications
Uploaded applications and files
created by applications
{vXXserver}/group-preferences.properties
Group preferences
{vXXserver}/moderated-groups.properties
Moderated group preferences
{vXXserver}/appearanc
Custom appearance files
{installation}/bin/tomcat/conf/login.config
Any custom JAAS login
configuration (such as LDAP)
{installation}/bin/tomcat/conf/keystore.jks
Any custom server certificates
In the table, the path {vXXserver} refers to the settings directory for version XX.
For COMSOL Server 5.3, it is typically %USERPROFILE%\.comsol\v53server on
Windows or C:\Windows\ServiceProfiles\LocalService\.comsol\v53server if
installed as a Windows service, ~/.comsol/v53server on Linux, and
~/Library/Preferences/COMSOL/v53server on macOS. The path {installation}
| 81
refers to the installation directory. For COMSOL Server 5.3 it is typically
C:\Program Files\COMSOL\COMSOL53\Server on Windows,
/usr/local/comsol53/server on Linux, and /Applications/COMSOL53/Server on
macOS.
To perform the migration, perform these steps:
1 Stop both versions of COMSOL Server.
2 Copy the files according to the table above from the old version to the new
version, overwriting the files if needed.
3 Start the new version of COMSOL Server.
It is recommended to make a backup copy of any file that you overwrite in case
you want to undo the migration at some point.
82 |
Index
A
adding groups 68
COMSOL Server 5
adding users 67
administration 29
add-on products 5
installing 8
administration in COMSOL Server 29
logging in to 27
administrator password, resetting 80
starting 19
administrator role 6
COMSOL Software License Agree-
Apache mod_proxy reverse proxy
ment 27, 64
server 77
Appearance page 40
configuring user database 63
D
Application Library 46
deleting applications 52
Desktop shortcut 55
application library
DirectX rendering 55
preference settings for 39
applications
E
external processes and libraries 37
deleting 52
editing 51
F
file system access 37
running 47
file upload 54
sort by 52
finishing installation 17
sorting 52
firewalls 18
G
uploading 51
graphics, interactive 44
grid layout mode 53
authentication 63
group 51
in Windows 15
groups, adding 68
batch jobs 37
groups, of users 7
boot scripts 26
guest role 6, 29, 46, 47
Bourne shell commands 26
C
file download 54
filter 53
upload 47
B
editing applications 51
certificate, importing 79
I
install step, installation 16
installation
changing password 53
finish 17
classes through reflection 38
install step 16
COMSOL Client 5, 28, 54
license 8
installation 10, 54
running applications in 54
COMSOL commands
Windows 43
COMSOL Multiphysics 5
options 10
server 12
installing COMSOL Server 8
in Linux 17
in macOS 17
| 83
in Windows 8
security 37
interactive graphics 44
sessions 34
IPv6
Preferences page 32
prelaunching applications 38
Windows 43
J
JAAS 71
L
language, to use 33
primary servers 10
private 51
products, used in application
LDAP 7, 15, 16, 70
49
license, installation 8
public 51
Lightweight Directory Access Protocol
7
R
removing users 66
resetting administrator password 80
LiveLink™ products 54, 55, 56
resizable graphics 53
local administrative user 14
reverse proxy server 76
local user database 63
Apache mod_proxy 77
logging in to COMSOL Server 27
NGINX 76
login configuration files 72
roles, in COMSOL Server 6
low-resolution displays 53
running application on login 39
M
Monitor page 29
running applications 47
MPH-files 56
in a web browser 45
multicore settings 38
N
network authentication method 38
network sockets 38
NGINX reverse proxy server 76
O
open documents 54
OpenGL rendering 55
options, installation 10
P
password, changing 53
play sounds 54
port number 24
power user 6
preferences 32
email 36
files 36
for prelaunching applications 34
for processes 34
multicore 38
recovery for Application Builder 38
running application on login 39
84 |
in the COMSOL Client 54
runtime security settings 38
S
secondary servers 10
security
restrictions 37
settings 37
self-signed certificate 79
server certificate 78
server, installation 12
shortcuts, to applications 44
side menu, for applications 50
smartphones 54
sockets 38
software license agreement 27, 64
Software rendering 55
sorting applications 52
Start menu shortcut 55
starting COMSOL Server 19
in Linux 25
in OS X 26
in Windows 23
system properties 37
T
tablets 54
TCP connections 18
tmpdir 43
U
uploading applications 47, 51
used products, in application 49
user authentication 63
user database 63
User Database page 32
user role 6, 29, 46, 47
users
adding 67
COMSOL Server 6
removing 66
V
visibility 51
W web browser 5
running applications in 45
web implementation of an application 5
web rendering 33
WebGL 33, 44
Windows Active Directory 70
Windows Authentication 7, 15
| 85
86 |