Teamcenter JBoss Deployment Guide

Overview

This guide covers installing, configuring, securing, and tuning JBoss (WildFly) for Teamcenter Web Tier. It focuses on enterprise best practices: high availability, SSL, SSO, deployment of WARs, and post-install verification.

Prerequisites

Supported JDK (as required by your Teamcenter version)
JBoss / WildFly distribution (recommended production release)
Teamcenter Web Tier WAR files (tc.war, awc.war)
System user with deployment privileges
SSL certificate (for HTTPS)

Installation Steps

1. Prepare the host

Provision a Linux host (RHEL/CentOS/Oracle Linux) with recommended resources (CPU, RAM, disk).
Install required JDK and set JAVA_HOME.

2. Install WildFly (JBoss)

# download and extract
wget https://download.jboss.org/wildfly/26.1.0.Final/wildfly-26.1.0.Final.tar.gz
sudo tar -xzf wildfly-26.1.0.Final.tar.gz -C /opt
sudo mv /opt/wildfly-26.1.0.Final /opt/wildfly

# create service account (example)
sudo useradd -r -s /sbin/nologin wildfly
sudo chown -R wildfly:wildfly /opt/wildfly

3. Configure standalone.xml for Teamcenter

Edit /opt/wildfly/standalone/configuration/standalone.xml to tune thread pools, datasources, and security realms. Example changes:

Increase max-threads on HTTP listener
Configure datasource for Teamcenter (if JBoss hosts any shared DB access)

4. Deploy Teamcenter WARs

Place tc.war and awc.war in /opt/wildfly/standalone/deployments/. For custom integrations, deploy customIntegrationApp.war alongside them.

5. SSL & Reverse Proxy

For production, terminate SSL at a reverse proxy (NGINX/HAProxy) or configure SSL in JBoss using the Elytron subsystem. Example NGINX snippet:

server {
  listen 443 ssl;
  server_name plm.example.com;
  ssl_certificate /etc/ssl/certs/plm.crt;
  ssl_certificate_key /etc/ssl/private/plm.key;

  location / {
    proxy_pass http://127.0.0.1:8080;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

SSO & Authentication

Integrate SAML/OAuth2 for single sign-on. Configure a security domain that maps to your IdP and ensure AWC session handling honors the headers sent by the proxy (e.g., X-Forwarded-Proto).

High Availability & Clustering

Use WildFly clustering and session replication for HA. Consider sticky sessions on the load balancer with session replication as failover. Also configure external shared storage for uploads if your integration requires file persistence.

Performance Tuning

Tune JVM (heap, metaspace) based on load testing
Configure connection pooling for any REST/backend services
Enable GZIP compression for static assets

Verification & Post-Install Checklist

Confirm WARs deployed and endpoints reachable (/awc, /tc).
Check logs for errors: /opt/wildfly/standalone/log/server.log.
Validate SSL and SSO flows.
Run integration smoke tests (REST login, part lookup).

AWC Architecture Recap

Active Workspace is a web client built on a modular JavaScript stack. Customization options include AWC client extensions, server-side services, and embedding third-party components via iFrames or widgets.

When to Customize AWC

To add context-sensitive UI components (e.g., custom part summary panels)
To embed analytics or dashboards within the AWC UI
To integrate lightweight third-party viewers

AWC Extension Types

1. Client-side (JavaScript/React) Extensions

Create React components that plug into AWC extension points. Keep them stateless where possible and use Teamcenter REST APIs to fetch data.

2. Server-side Extensions

Develop services (SOA/REST) that the AWC client can call for heavy-lift operations or data transformation.

3. Embedded Widgets / iFrames

Use iFrames for third-party dashboards (Power BI) or add lightweight widgets that load from a trusted origin.

Sample: Simple AWC Client Extension (Pseudo-code)

// register a custom panel
awp.registerPanel('my.custom.panel', {
  render: (container, context) => {
    // fetch data from Teamcenter REST
    fetch('/tc/odata/Service/PartService(123)')
      .then(res => res.json())
      .then(data => container.innerHTML = `${data.name}`);
  }
});

Best Practices

Keep extensions modular and under version control.
Respect AWC lifecycle hooks to avoid memory leaks.
Use HTTPS and validate origins for any embedded iFrame content.
Document extension points and provide config-driven options.

Testing & Deployment

Bundle client extensions as part of your awc.war or deploy them through the AWC extension mechanism if your Teamcenter version supports remote extension loading. Run cross-browser tests and verify performance under load.

Integration Patterns

Synchronous API Calls: REST or SOA calls for immediate requests (e.g., part lookup, session login).
Asynchronous Messaging: Use queues for heavy or long-running tasks (JMS, Kafka).
Middleware / Adapter Layer: Centralize transformation and security in a thin middleware (Flask, Spring Boot, Node.js).

Teamcenter SOA vs REST

Teamcenter provides both SOA services and REST/ODATA endpoints. Use REST for web-native integrations and SOA for deeper platform interactions where available.

Sample REST call (login)

POST /tc/soa/service/com/teamcenter/services/core/SessionService/login
Content-Type: application/json
{
  "user":"myuser","password":"mypassword"
}

Middleware Example (Node.js / Express)

// minimal middleware proxy example
const express = require('express');
const fetch = require('node-fetch');
const app = express();
app.use(express.json());

app.post('/api/part-sync', async (req, res) => {
  // transform and call Teamcenter REST
  const tcResp = await fetch('https://plm.example.com/tc/odata/PartService', { method:'GET' });
  const body = await tcResp.json();
  res.json({ success:true, data: body });
});

Security & Governance

Use centralized authentication: OAuth2 / SAML (SSO).
Enforce TLS for all endpoints and encrypt sensitive payloads.
Implement rate limiting and input validation at middleware.

Testing Strategies

Contract testing for API consumers (Postman, Pact).
End-to-end smoke tests for critical flows (login, BOM fetch).
Performance tests for high-volume integrations.

When to use Tomcat

Tomcat is ideal for lightweight Active Workspace deployments, development, and testing. It provides a fast, minimal servlet container without full Java EE features.

Install Tomcat & Deploy WARs

# example (linux)
sudo apt-get install openjdk-11-jdk
wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.75/bin/apache-tomcat-9.0.75.tar.gz
sudo tar -xzf apache-tomcat-9.0.75.tar.gz -C /opt
sudo mv /opt/apache-tomcat-9.0.75 /opt/tomcat

# deploy
cp awc.war /opt/tomcat/webapps/
cp tc.war /opt/tomcat/webapps/

Configure server.xml

Tune the Connector for production-like testing. Example:

<Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />

SSL & Reverse Proxy

For public-facing deployments, terminate SSL at NGINX/HAProxy and proxy to Tomcat. Alternatively, configure the Tomcat Connector for TLS.

Performance Tips

Increase maxThreads on the Tomcat connector
Monitor and tune JVM heap
Use a CDN/reverse proxy to serve static assets