TIBCO Spotfire Node Manager

A node manager is a container for setting up, running, or tearing down services such as Spotfire Automation Services, Spotfire Web Player,TERR service, or Spotfire Service for Python. A service running on a node manager runs in a separate process, can open service ports and the service installation files resides under <nm installation path>/services/.


Spotfire node manager component	Description
Service account	Windows default: `NT Authority\system` Linux default: `root`
Ports and protocols	Registration port on node manager computer: HTTP/9080 Communication port on node manager computer: HTTPS/9443

Table 1. A non-extensive inventory of data that might contain credentials and other sensitive information.
Type	(Default) Location	Comments
Node manager and service logs	<`node manager root`>/logs	Contains the node manager and the service logs. It can also contain minidumps, and memory process dumps for Spotfire Web Player, if these are created. See also `enabledMiniDumpCreationOnError` in the Spotfire.Dxp.Worker.Web.config help topic.
SMTP configuration credentials	Spotfire.Dxp.Worker.Automation.config	When Spotfire Automation Services is configured with an SMTP server that requires authenticated connections.
Node manager backend trust keystore	<`node manager installation directory`>/trust/keystore.p12 (node manager).	Keystore containing keys for the following: internal node manager <-> Spotfire Server node manager <-> service service <-> Spotfire Server service <-> service The keystore is locked with a static password.
Spotfire Web Player / Spotfire Automation Services proxy server credentials	Spotfire.Dxp.Worker.Host.exe.config	`ProxyUsername` and `ProxyPassword` hold credentials to a network proxy if one is configured.
Spotfire Statistics Services configuration for Spotfire Web Player and Spotfire Automation Services.	Spotfire.Dxp.Worker.Host.exe.config	`TibcoSpotfireStatisticsServicesUsernames` and `TibcoSpotfireStatisticsServicesPasswords` in contains credentials to Spotfire Statistics Services server(s) if one or more is configured.
Credentials Profiles for Connectors used by Spotfire Web Player and Spotfire Automation Services	Spotfire.Dxp.Worker.Host.exe.config	A configuration file containing user names and passwords to data sources used by data connectors.
Spotfire Automation Services Kerberos identity	Spotfire.Dxp.Worker.Automation.config	The Windows user specified by `<kerberosIdentity userName="domain\username" password="password" />` is used to run Spotfire Automation Services.
Spotfire Web Player > Scheduled updates identity	Spotfire.Dxp.Worker.Web.config	The Windows user specified by `<kerberosIdentity userName="domain\username" password="password" />` is used to run Spotfire Web Player.

Note: Credentials are encrypted in the configuration files that are installed with the service. To modify the configuration, you must export the configuration from the database, make modifications, import it back into the database, and then set the configuration for the service.