License Manager (also referred to as "Server")
Sentinel RMS License Manager is an on-premises network service that enforces and manages licensing in multi-user environment. It keeps track of all the licenses and handles requests from network users who want to run your application, granting authorization to the requester to allow them to run the application, and denying requests when all licenses are in use.
Since v10.0 of Sentinel RMS, a cloud-based RMS License Manager is also introduced. As a result, Sentinel RMS now provides:
>On-premises RMS License Manager, called the RMS License Manager or License Manager
>Cloud-based RMS License Manager, called the RMS Cloud License Manager or RMS Cloud LM
About RMS License Manager
The RMS License Manager usually runs on a computer within the network where users (clients) have installed the licensed application (refer to the diagram below for an illustrated view). It is an integral component of the network licensing schemes that can be implemented with Sentinel RMS, namely server-locked licenses, site licenses and commuter licenses.
Usually the licenses reside on the License Manager in a license file. On startup, the License Manager reads the licenses from the file and creates a license table. Otherwise, these are added dynamically to the License Manager. The dynamically added licenses are only available in the License Manager memory. Once the License Manager is stopped these licenses are lost. Refer to License Loading Behavior on RMS License Manager Restart for details.
You program your application to look for a License Manager with available licenses. When the licensed application is run on a client, a request is sent to the License Manager for obtaining an authorization. The License Manager processes the request (including the task of authenticating the clients, if required) and returns the status to the client. The License Manager maintains each request separately, treating these authorizations as separate clients.
Figure 1: Multiple Clients Accessing the Sentinel RMS License Manager | |
Figure 2: Client Requesting for a Network License |
RMS License Manager Parameters
Here are some quick facts about the RMS License Manager:
RMS License Manager Compatibility-Mode Library—v9.8.1 and Later
Starting RMS 9.8.1, an industry-standard secret-key authenticated encryption is used to secure the RMS License Manager communication, by default. Prior to RMS 9.8.1, a proprietary encryption algorithm was used for message encryption. In case, you still choose to use the proprietary encryption algorithm, you will need to obtain a separate add-on component called the License Manager Compatibility-Mode Library from Technical Support and follow the guidelines on using it.
Guidelines for Using the License Manager Compatibility-Mode Library
The License Manager Compatibility-Mode Library is available only in DLL/shared library formats and is consumed by the licensing library on run-time only.
If you want to use the License Manager Compatibility-Mode Library, overriding the default RMS License Manager communication, you need to follow the guidelines below:
><![CDATA[]]>When using the static licensing library: Place the License Manager Compatibility-Mode Library at the same location as the licensed application.
>When using the dynamic licensing library: Place the License Manager Compatibility-Mode Library at the same location as the licensing library.
The licensed application will communicate with RMS License Manager using the proprietary encryption algorithm.
License Loading Behavior on RMS License Manager Restart
With the new encryption algorithm in place, now when the v9.8.1 (or later) RMS License Manager is restarted, additional tasks related to key-exchange are performed by the running licensed application. During this interval, the licensed application attempting to contact the License Manager (such as for automatic renewal calls via auto-timer), may return with error 210133 (SNTL_RESOURCE_LOCK_FAILURE). To overcome this, try calling the licensing API again after few seconds.
RMS Cloud License Manager or RMS Cloud LM
RMS Cloud LM is a cloud-based service hosted by Thales to manage RMS licenses. This type of deployment is referred to as the Connected (Cloud LM) deployment mode and provides the following main benefits:
>An extension of the traditional on-premises RMS License Manager providing anytime-anywhere access to licensed applications.
>Automatic license deployment on RMS Cloud LM right after entitlement activation in Sentinel EMS in contrast to the manual license addition and deletion tasks with the RMS License Manager.
>Does not require hardware infrastructure installation and maintenance, and thus provides out-of-the-box high availability redundancy.
> Offers secure licensing—protected by JSON Web Token (JWT) type authentication. As a result, RMS licenses can be consumed only after authentication.
>Offers same set of licensing controls for authorizations, such as licenses with expiration dates, global concurrency (hard limit or user limit), license sharing, and license aggregation.
>Offers session management for customers' administrators, who can view a list of live sessions and terminate them, if required, using the Sentinel EMS Customer Portal.
>Entitlement quantity rebalancing across different deployment modes. As a result, you can distribute unused licenses from one deployment mode to another.
>Easier rehosting and revocations without requiring any overheads on behalf of the end user.
>Yields valuable usage data via Sentinel EMS reports.
NOTE RMS Cloud LM is available to SCL Add-on users only.
RMS Cloud LM supports the following types of integrations for on-premises applications:
Integration Option | Description | Suitable for |
---|---|---|
SCP-integrated library | A licensing library that provides an easy-to-use Unified API-based wrapper to internally handle the authentication tasks. | >Desktop applications in C, Java, .NET. Refer to the Common Use Cases sections of C, Java, and .NET for a quick snapshot of the APIs workflow. >Flexible hybrid implementations that allow searching for a license on a standalone system, network License Manager, and cloud in sequence. |
RMS Cloud LM REST API | RMS Cloud LM provides a set of new modern REST API for licensing referred to as the Cloud LM services. These licensing REST APIs make use of the token generated by the Token Management Service REST APIs for authentication. | Applications written for any language or platform not supported by the SCP-integrated library |
For licensing SaaS applications running in a trusted environment, a workflow that authorizes RMS Cloud License Manager REST API using the OAuth 2.0 Client Credentials flow is provided.