JusticeWeb Setup and Initial Configuration¶
The above diagram demonstrates how JustWare can be set up to integrate with JustWare. The above setup is New Dawn\'s recommendation for ports and placement of the different components.
JusticeWeb Users and Needed Permissions¶
JusticeWeb SQL user¶
- Retrieves and submits data to the JustWare database. (Must be a member of jw_Super_User)
- Retrieves credentials for payment portal. (Must be a member of jweb_CredentialsAccessor)
JusticeWeb Application User¶
- Fallback used for file access when downloading or uploading.
JustWare User (Setup in JusticeWeb Configuration in JustWare)¶
- This user is impersonated when anything is submitted through the
- Case/ name submissions
- Case/ name updates.
- Approval event submission.
- This user needs permissions to the API name and case JWXML.
- Anonymous Payments and logged in payments: This user needs to be associated with any collecting agencies for obligations that are made available through JusticeWeb.
File Access User (Setup in the File Service and the Queue Manager)¶
- Impersonated when moving the file from the queue folder to the case folder.
Queue Manager Service User¶
- Permissions to read/write to request queue. (must be a member of
- The AddBy/ModBy information will correspond to this user for items in the queue, hence it is recommended that this person is an app person so that the AddBy/ModBy information is not null.
- Must have ability to create an event source in the application event log (Must be an administrator on the machine). This permission is only needed the first time the queue manager service is started. After the first time, the permissions can be reduced.
- Needs permission to write to the event log. I believe a general user has this permission.
Payment Portal User¶
- This user is impersonated when connecting to the Payment Portal.
Payment Provider User¶
- This is the user that the payment portal uses when connecting to the payment provider.
- Not needed for Mercury Payments and Plug-n-Pay.
Web.Config app settings¶
- AllowedFileUploadTypes: This is a semicolon-separated list of acceptable file extensions. A user will not be able to upload a file that does not have an extension in this list. (format is "*.\<extension>" ex. *.pdf)
- MaxFileUploadSize: The maximum size of a file that can be uploaded. This number supports GB, MB, KB, and B units. If no units are specified, byte is used.
- PasswordRegex: The regular expression that is used for validating a password for when a user creates an account.
- PasswordErrorMessage: The error message that is displayed when the user fails to input a valid password when creating an account.
- Monitor Frequency: This should be the same or greater than the monitor frequency of the queue manager service (value is in seconds). JusticeWeb analyzes the queue whenever a new request is submitted. If there have been approved requests in the queue for longer than the monitor frequency (or five minutes, whichever is greater), then an email will be sent to the administrator saying that the queue manager service is down.
- PaymentGatewayKey: The key is used to decide which payment portal to use. The value is usually "MercuryPayments" unless an agency has a custom payment portal then we would use the key that is associated with that portal.
- PaymentGatewayUrl: The URL that is used to connect to the payment portal.
- StreamBufferSize: The size in bytes of each packet when uploading and downloading files.
- MessageBusSendRetries: The amount of additional retries after a failure or timeout.
- MessageBusSendTimeout: The amount of time (in miliseconds) to trigger a timeout.
Queue Manager Service Setup¶
- The cache timeout setting is to control how often the cache gets cleared.
- A value in the configuration file less than or equal to zero means that the cache never times out and the only way to clear the cache is to restart the service.
- The following items are cached:
- XSLT used for transforming the payload into text. This is used for the notes on the approval event.
- Agency Add By for cases added to JustWare. This is the default agency of the JustWare user.
- The code that is used for setting the status of a request to ERROR.
- JustWare username and password.
Queue Monitor Frequency¶
- The total number of seconds between the time that the previous approved requests finished processing and the time when the service will check the queue again for new approved requests.
The Microsoft Distributed Transaction Coordinator needs access through the firewall if a firewall exists between the JusticeWeb Queue Manager and the JustWare Database. To accomplish that, see the following article:
Ports for JusticeWeb¶
- Fileshare ports:
- Database ports:
SQL Encryption error is thrown.¶
The most common cause for a SQL encryption error being thrown is when an existing JustWare database is restored to a different location. The problem is that the symmetric encryption key and the encryption certificate must be recreated for that database. The following steps will describe how to do this.
- Open up SQL Server Management Studio and find the database that is having the problem.
- Find the symmetric key in Security/Symmetric Keys/
- Delete the symmetric key named jweb_keyJusticeWebPassword.
- Next, find the certificate in Security/Certificates/
- Delete the certificate jweb_certKeyEncrypt
- After that is done, run the following script in order to recreate the certificate and key. The same script can also be found at the bottom of the Volatile_01.Constraints.sql file.
IF NOT EXISTS (SELECT * FROM sys.certificates WHERE [name] = 'jweb_certKeyEncrypt') BEGIN CREATE CERTIFICATE jweb_certKeyEncrypt WITH SUBJECT = 'Publisher Key Certificate' END GO GRANT CONTROL ON CERTIFICATE :: jweb_certKeyEncrypt TO [jweb_CredentialsAccessor]
-- Create the symmetric encryption key. --if the AES algorithm isn’t supported, then we can use TRIPLE_DES BEGIN TRY IF NOT EXISTS (SELECT * FROM sys.symmetric_keys WHERE [name] = 'jweb_keyJusticeWebPassword') CREATE SYMMETRIC KEY jweb_keyJusticeWebPassword WITH ALGORITHM = AES_256 ENCRYPTION BY CERTIFICATE jweb_certKeyEncrypt; END TRY BEGIN CATCH IF NOT EXISTS (SELECT * FROM sys.symmetric_keys WHERE [name] = 'jweb_keyJusticeWebPassword') CREATE SYMMETRIC KEY jweb_keyJusticeWebPassword WITH ALGORITHM = TRIPLE_DES ENCRYPTION BY CERTIFICATE jweb_certKeyEncrypt; END CATCH GO