CoAP ShowRunner to ShowRunnerCLC™ Setup Instructions

Last modified by Alexander Mott on 2023/07/07 15:17
Use ShowRunnerCLC™ version 3.010 or later

Terminology:

  • Client Processor - Processor that will interact with hardware attached to the host processor.
  • CWS - Crestron Web Server, the processor's internal web server
  • Host Processor (Server) - Processor that hosts the physical hardware
  • LWAPI - Lightweight API (CoAP)
  • User Page Auth - Requires a username and password to access the internal web server (CWS) on the processor.  3-series always has this enabled if authentication is activated.  4-series processors have an option to have user page auth on or not (default is off).

Steps:

  1. Setup Host Processor
    1. Verify processor configuration
    2. Verify LWAPI is enabled
    3. Create API User
    4. Create CWS User (if necessary)
    5. Save the configuration
  2. Setup Client Processor
    1. Define the remote system
    2. Setup auth for the remote system
    3. Save the configuration
  3. Verify successful communications with the following commands:
    1. On host, verify the client shows up as a web session: sr sh lwapi serv cli
    2. On client, verify the session with the host: sr sh lwapi cli br
Host processor (LWAPI Server) Setup (e.g. DIN-AP3 @ 10.44.5.91)

Steps 1-3 and 5 always needed.

  1. If 3-series, Enable Authentication [authentication on] or SSL [ssl self] if not already enabled.  4-Series have authentication enabled by default.  User Page Auth should be turned off on 4-series.
  2. Enable LWAPI
    From Console (v 3.011 or later; processor will automatically restart):
      sr lwapi enable true
    In Config (@ root level; reloading the configuration is required):
      "LwApiEnable": true,
      "LwApiSecurityLevel": "Auth",
  3. Create an API User and record the Key and Secret.  User group must have LWAPI role and Execute permissions.  This allows the   Lightweight API Users group has been created for this purpose:
    DIN-AP3>sradmin add api user "Central Control" "Lightweight API Users"
    API User Central Control generated with Group permissions Lightweight API Users and Key: YTd2pQn7sjwiOWD9NqCIWw Secret: OeiQEFo_-EDfc7sQe_qRpeQzSkZjylV2roa76utpJLI
  4. If 3-series w/ auth enabled or 4-series with user page auth enabled then add a remote user with permissions to connect to the control system.  This is done by adding a local user to the system with user privileges.  Sample values shown, do not re-use these.
    DIN-AP3>adduser -N:lwapi -P:dMFN9pJJXjWLGd7t
    User account was successfully created.
    DIN-AP3>addusertogroup -N:lwapi -G:Users
    'lwapi' was successfully added to group 'Users'.
  5. Save the configuration
Client processor (LWAPI Client) Setup (e.g. DIN-AP4) Version 3.011 or newer

Steps 1-3 always needed. Note: host and client processors must be able to communicate with each other to use this method (i.e. the network must be configured and both processors must have SHOWRUNNER™ program and configuration loaded).

  1. Define remote system in the config:
        "RemoteSystems": [
          {
            "SystemId": 1,
            "IpAddressOrHostname": "10.44.5.91",
            "Label": "HUB-1-1",
            "ConnectionType": "LWAPI"
          },
        ],
  2. Add Users :
    if CWS User is not needed:
    DIN-AP4>sr remote system auth 1 YTd2pQn7sjwiOWD9NqCIWw OeiQEFo_-EDfc7sQe_qRpeQzSkZjylV2roa76utpJLI
    if CWS User is needed:
    DIN-AP4>sr remote system auth 1 YTd2pQn7sjwiOWD9NqCIWw OeiQEFo_-EDfc7sQe_qRpeQzSkZjylV2roa76utpJLI lwapi dMFN9pJJXjWLGd7t
    Success
  3. Save the configuration
Client processor (LWAPI Client) Setup (e.g. DIN-AP4) Version 3.010 or earlier

Steps 1-3 and 6 always needed.

  1. Define remote system in the config:
        "RemoteSystems": [
          {
            "SystemId": 1,
            "IpAddressOrHostname": "10.44.5.91",
            "Label": "HUB-1-1",
            "ConnectionType": "LWAPI"
          },
        ],
  2. Add remote user for LWAPI (this is the key and secret created on the host):
    DIN-AP4>sradmin add remote user HUB-1 YTd2pQn7sjwiOWD9NqCIWw OeiQEFo_-EDfc7sQe_qRpeQzSkZjylV2roa76utpJLI
    Remote User HUB-1 (1a920b8b-3ab8-44bd-bc7b-0fc77abf0a13) added with Group permissions Remote Connection
  3. Assign users to the remote connection, System ID in this example is 1.  API user is to authenticate with the API.  CWS user is to authenticate with the Crestron Web Server before authenticating with the ShowRunner REST API:
    DIN-AP4>sradmin assign remote user API 1 1a920b8b-3ab8-44bd-bc7b-0fc77abf0a13
    User HUB-1 assigned to remote system 1:HUB-1-1 for API Authorization
     
  4. If 3-series w/ auth enabled or 4-series with user page auth enabled then add a remote user with permissions to connect to the control system.
    DIN-AP4>sradmin add remote user HUB-1_CWS lwapi dMFN9pJJXjWLGd7t
    Remote User HUB-1_CWS (d7c88ecb-7212-4e8b-8749-ddca759c6a62) added with Group permissions Remote Connectio
  5. If Necessary:
    DIN-AP4>sradmin assign remote user CWS 1 d7c88ecb-7212-4e8b-8749-ddca759c6a62
    User HUB-1_CWS assigned to remote system 1:HUB-1-1 for API Authorization
  6. Save the configuration and restart ShowRunner™
Tags:
Created by Mark Kohlmann on 2021/07/22 16:42
    

Navigation