Installation and Network configuration
In order to do that, Kiuwan provides a downloadable agent (Kiuwan Local Analyzer – KLA) that performs code analyses locally.
Kiuwan Local Analyzer:
- Downloads the model associated with target software,
- Launches a sequence of analysis steps —compliance with security and quality rules, code metrics, duplicated code detection, etc—, and
- Sends analysis results to Kiuwan cloud service.
Before running any new analysis, KLA verifies its installed version and, in the case there were a newer version, KLA update itself, downloading and installing it, notifying to the user (visit Local Analyzer Upgrade ).
Therefore, before to download it, please check you have permissions on your computer to download the zip file, uncompress and execute it.
Download Kiuwan Local Analyzer
Once logged-in, you can download KLA by opening top-right menu and selecting Download Kiuwan Local Analyzer
To properly work, Kiuwan Local Analyzer needs to access following URLs:
Additionally, next URLs should also be accessible to contact Kiuwan support if you are using Kiuwan website:
Operating Systems and Java
Depending on your platform, you have to make sure the JAVA_HOME environment variable points to the directory where the version was installed (in some platforms the installer takes care of this for you), and that you have $JAVA_HOME/bin in your PATH.
Windows Configuration of JAVA_HOME
Once you have Java installed, you should set JAVA_HOME variable by accessing to 'System properties' in Control Panel, then clicking on 'Advanced' tab and on 'Environment variables', as shown in the image below:
Then, in 'System variables', you have to click on 'New' and name it 'JAVA_HOME', as well as indicate the path where the software is located:
Memory and Time Requirements
These default values are usually valid for most of the analyses.
For analyses that contain more than 5,000 sources files and/or more than 1.5 Million lines of code , it's recommended to increase those values.
You can configure Kiuwan to increases those limits for the whole installation or per application.
- If you are using Kiuwan Graphical User Interface, please visit GUI GlobalConfiguration(memory,timeout,encoding,etc)
- If you uses Command Line Interface, please visit CLI GlobalConfiguration(memory,timeout,encoding,etc)
If you increase the max memory, please be sure your local machine has enough available resources, otherwise JVM would not start and analysis will not proceed.
Installation and Authentication
Info for UNIX-like installations
Under Unix-like systems, please check:
- You need to change permissions for shell scripts.
- Use a command like "chmod +x *.sh" for executable permissions.
- Please check permissions of the Unix user running Kiuwan Local Analyzer:
- read/write permissions on AGENT_HOME/*
- read permissions on directory of source code to be analyzed by Kiuwan
Setting your credentials
Kiuwan Local Analyzer authenticates against a valid Kiuwan account using the credentials you provide.
Please remember that if you change the password for your username in Kiuwan application, you need to change it in the agent as well.
You can configure how Kiuwan Local Analyzer connects to kiuwan services.
Open the "Network configuration" dialog clicking on the "Advanced" button in the bottom left corner of the login window:
Here you can set:
- The protocol used by the proxy (http or socks).
- The host of the proxy server (e.g. proxy.myorganization.com).
- Leave this option empty if your connection to the Internet needs no proxy pass-through.
- The port where the proxy server is listening to.
- The authentication type for the proxy.
- Only Basic authentication is supported.
- Leave this option to "None" if no authorization is required.
- The username for the proxy authentication.
- The password for the proxy authentication.
Local Authentication configuration
This is a common scenario in organizations that validate their employees' credentials against their own authentication system, and do not want them to use other credentials when accessing to external services.
If your company uses a corporate authentication service, your users and passwords will most probably be stored in an Active Directory, an OpenLDAP or an IBM Tivoli.
If that is your case, it’s not needed to have different users/password for your Kiuwan account.
If this is your case, you will need to configure the URL of your organization's local authentication system.
You can also set the local authentication to use the currently configured proxy (as long as it uses http protocol).
Ask your systems administrator what value to enter in the "Local authentication URL" field.
Note that when a local authentication URL is configured, the username and password you set in the login window will be sent to the local authentication system instead to Kiuwan.
How to configure Kiuwan to use your Local Authentication system
Your company users should not connect to https://www.kiuwan.com to sign in, but to an internal URL of your corporate network that you choose, like: http://kiuwan.yourdomain.com or http://yourdomain.com/kiuwan (for example).
In that address you will have an authentication service application that will rely on your local auth service.
If you have permissions to access Kiuwan, it will generate a JWT authentication token including the username, which is encrypted using a secret key, that you can generate in your Kiuwan account settings page.
This token is sent to Kiuwan, so it makes the validation and creates the session for the user, who is automatically redirected to https://www.kiuwan.com, to access the application.
A sample application
You can find a sample authentication application (kiuwan/kiuwan-local-authentication) as a way to get started.
This sample application uses Tomcat (tomcat-users.xml) as authentication mechanism.
The steps are simple:
- Install [Tomcat 8.5.11] (or another application server or use one you already have in your company) on a server.
- Compile and deploy the sample authentication service application we provide for authenticating users in your application server.
- Configure the authentication service application in index.jsp page. (Remember, this is a sample application. Do not use it as production code)
The required clientId and secretKey fields are generated from Kiuwan. You need login in Kiuwan and go to Account Management >> Secret keys
You need also configure the security settings in the application server where you deployed our authentication service application, to connect to your LDAP or any other authentication server.
In this example, we use Tomcat (tomcat-users.xml):
Configure the web.xml file to use this authentication mechanism:
You are done!
Now you just have to tell your Kiuwan users to use the URL you have defined to access our authentication service application.
Remember that this same configuration is also valid if you have Single-Sign-On mechanisms such as LDAP, SPNEGO or IBM WebSeal.
Local Analyzer Upgrade
For a correct interpretation of results, Local Analyzer version installed on the client workstations should be the latest available on the server.
Under some circumstances, automatic upgrade might be not executed, and you will see a warning message stating that upgrade of Kiuwan Local Analyzer has not been executed.
This message only means that the analysis was not executed with the last available KLA.
This does not mean necessarily an error. It could be only a temporary situation.
Before executing an analysis, Kiuwan Local Analyzer always checks if there's available a new version. If so, automatic upgrading process starts.
In some parallel high-load scenarios, there might be already running analysis. And those analysis executed before the new version is installed will show this warning message.
But, if you see those messages appearing during some hours, perhaps there's a problem in your installation that is currently blocking automatic upgrade.
In that case, when you are sure there are no running analyses, please delete any *.lock file that might be at temp directory of you KLA installation.
After that, run the analysis again. If the problem still persists, please contact Kiuwan Technical Support.