Differences

This shows you the differences between two versions of the page.

tutorial:adm:czechidm_installation_win [2019/10/17 13:26]
urbanl Added changes in tomcat properties and logback spring for log rotation.
tutorial:adm:czechidm_installation_win [2020/05/27 07:29]
urbanl [Configure environment properties. Select application profile] Removed use legacy merge sort #2167
Line 8: Line 8:
  
 ==== Create DB user and database in PostgreSQL ==== ==== Create DB user and database in PostgreSQL ====
-Open a **PSQL** binary from the Start menu. A windows-cmd-like window should appear with a prompt. Create a db user and a database for CzechIdM.+Open a **PSQL** binary from the Start menu (for the OpenSCG PostgreSQL) or fire-up the cmd terminal and run ''psql.exe -U postgres'' (for the EnterpriseDB PostgreSQL). A windows-cmd-like window should appear with a prompt. Create a db user and a database for CzechIdM.
  
-<code>+<code sql>
 CREATE USER czechidm PASSWORD '*****'; CREATE USER czechidm PASSWORD '*****';
 +
 +-- Choose appropriate collation and create database.
 +-- with english collation (we expect the default windows installation with cp1250/cp1252 and "English_United States" collation).
 CREATE DATABASE "czechidm" WITH OWNER 'czechidm' ENCODING 'UTF8' template 'template0'; CREATE DATABASE "czechidm" WITH OWNER 'czechidm' ENCODING 'UTF8' template 'template0';
 +-- with czech collation
 +CREATE DATABASE "czechidm" WITH OWNER 'czechidm' ENCODING 'UTF8' LC_COLLATE = 'czech_czech' LC_CTYPE = 'czech_czech' template 'template0';
 </code> </code>
  
 Use the pgAdmin or PSQL to test the database connection under the ''czechidm'' user. Use the pgAdmin or PSQL to test the database connection under the ''czechidm'' user.
 ==== JDBC driver installation ==== ==== JDBC driver installation ====
-Download the PostgreSQL JDBC driver from the [[https://jdbc.postgresql.org/download.html|this URL]] and move it to the C:\CzechIdM\lib\ directory (create the directory if it does not exist).+Download the PostgreSQL JDBC driver from the [[https://jdbc.postgresql.org/download.html|this URL]] and move it to the ''C:\Program Files\Apache Software Foundation\Tomcat 8.5\lib\'' directory.
 ==== Configure environment properties. Select application profile ==== ==== Configure environment properties. Select application profile ====
 Run the **Monitor Tomcat** application from the Start menu. Configure following settings: Run the **Monitor Tomcat** application from the Start menu. Configure following settings:
   * Add ''C:\CzechIdM\etc;C:\CzechIdM\lib;C:\CzechIdM\lib\\*;'' to the **beginning of the** ''CLASSPATH''. If you followed the [[tutorial:adm:server_preparation_win|]] guide, this should already be in place.   * Add ''C:\CzechIdM\etc;C:\CzechIdM\lib;C:\CzechIdM\lib\\*;'' to the **beginning of the** ''CLASSPATH''. If you followed the [[tutorial:adm:server_preparation_win|]] guide, this should already be in place.
-  * Add ''-Dspring.profiles.active=production'' and ''-Djava.util.Arrays.useLegacyMergeSort=true''to the ''Java options''.+  * Add ''-Dspring.profiles.active=production'' to the ''Java options''.
  
 === Change Tomat logging properties === === Change Tomat logging properties ===
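
Review bot: In the ''<code sql>'' block the two ''CREATE DATABASE "czechidm"'' statements are alternatives, but both are live statements. Pasting the block as written creates the database with the first variant, and the Czech-collation variant then fails because the database already exists. Comment out the Czech statement with ''--'' or split the two variants into separate blocks so the reader has to pick one. Separately, the JDBC step now places a downloaded jar into Tomcat's own ''lib\'' directory; it would help to say which driver version to take and to verify the downloaded file before copying it there.
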
Line 27: Line 32:
 In order to set-up log rotation we need stop logging to stdout and start logging to catalina.log . In order to set-up log rotation we need stop logging to stdout and start logging to catalina.log .
  
-Make these changes in file "/c/Program\ Files/Apache\ SoftwareFoundation/Tomcat\ 8.5/conf/logging.properties"+Make these changes in file ''C:\Program Files\Apache Software Foundation\Tomcat 8.5\conf\logging.properties'':
 Comment out console handler. We don't want tomcat to log to stdout or stderr. Comment out console handler. We don't want tomcat to log to stdout or stderr.
 <code> <code>
Line 164: Line 169:
 flyway.enabled=true flyway.enabled=true
    
-scheduler.enabled=true +
-scheduler.task.queue.process=1000 +
-scheduler.event.queue.process=1000+
 scheduler.properties.location=quartz-production.properties scheduler.properties.location=quartz-production.properties
 +
 logging.config=c:/czechidm/etc/logback-spring.xml logging.config=c:/czechidm/etc/logback-spring.xml
 +
 idm.sec.core.demo.data.enabled=false idm.sec.core.demo.data.enabled=false
    
-#spring.cache.ehcache.config=classpath:ehcache.xml +attachments will be stored under this path
-  +# new directories for attachment will be created in this folder (permissions has to be added) 
-spring.activiti.processDefinitionLocationPrefix=classpath*:/eu/bcvsolutions/idm/workflow+# System.getProperty("user.home")/idm_data will be used if no path is given 
-idm.sec.core.notification.template.folder=classpath*:/eu/bcvsolutions/idm/templates/ +idm.sec.core.attachment.storagePath=c:/czechidm/data
-idm.sec.core.script.folder=classpath*:/eu/bcvsolutions/idm/scripts/+
 # configuration property for default backup  # configuration property for default backup 
 idm.sec.core.backups.default.folder.path=c:/czechidm/backup idm.sec.core.backups.default.folder.path=c:/czechidm/backup
-  + 
- +
 idm.pub.security.allowed-origins=http://localhost idm.pub.security.allowed-origins=http://localhost
 # Generate JWT token security string as "cat /dev/urandom | tr -dc 'a-z0-9' | head -c VALUE" where VALUE can be from 1 to 255. # Generate JWT token security string as "cat /dev/urandom | tr -dc 'a-z0-9' | head -c VALUE" where VALUE can be from 1 to 255.
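
Review bot: The added attachment block says "permissions has to be added" for ''c:/czechidm/data'' without saying for which account or which rights. State that the account the Tomcat service runs as needs write access to that directory and that other local users should not have it, since uploaded attachments are stored there. In the unchanged tail of this hunk, the JWT secret hint relies on ''/dev/urandom'' and ''tr'', which a reader following this Windows guide does not have at a cmd prompt, and "VALUE can be from 1 to 255" permits a very short secret; a Windows-side way to generate the string and a recommended minimum length would close that gap.
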
Line 185: Line 189:
 idm.sec.security.jwt.secret.token=********** TODO ********* idm.sec.security.jwt.secret.token=********** TODO *********
 idm.sec.security.jwt.expirationTimeout=36000000 idm.sec.security.jwt.expirationTimeout=36000000
- 
-# recaptcha 
-# - recaptchaservice endpoint  
-#idm.sec.security.recaptcha.url=https://www.google.com/recaptcha/api/siteverify 
-# - secret key, can be generated here https://www.google.com/recaptcha/admin 
-idm.sec.security.recaptcha.secretKey=xxx 
-# Proxy for HTTP requests 
-#idm.sec.core.http.proxy=12.34.56.78:1234 
    
 # Cipher secret key for crypt values in confidential storage # Cipher secret key for crypt values in confidential storage
Line 199: Line 195:
 cipher.crypt.secret.keyPath=c:/czechidm/etc/secret.key cipher.crypt.secret.keyPath=c:/czechidm/etc/secret.key
    
- +# Defaults for: emailer.* 
 +# test.enabled=true means mail WILL NOT be sent
 idm.sec.core.emailer.test.enabled=true idm.sec.core.emailer.test.enabled=true
 # http://camel.apache.org/mail.html # http://camel.apache.org/mail.html
Line 208: Line 205:
 # idm.sec.core.emailer.password=password # idm.sec.core.emailer.password=password
 idm.sec.core.emailer.from=czechidm@localhost idm.sec.core.emailer.from=czechidm@localhost
-  
-## Global property that allow disable or enable sending notification from WF 
-idm.sec.core.wf.notification.send=false 
-  
-  
-# supports delete identity 
-idm.pub.core.identity.delete=true 
-# 
-# default password change type for custom users, one of values:  
-# DISABLED - password change is disable 
-# ALL_ONLY - users can change passwords only for all accounts 
-# CUSTOM - users can choose for which accounts change password 
-idm.pub.core.identity.passwordChange=ALL_ONLY 
-# 
-# required old password for change password 
-idm.pub.core.identity.passwordChange.requireOldPassword=true 
-# 
-# create default identity's contract, when identity is created 
-idm.pub.core.identity.create.defaultContract.enabled=true 
-  
    
 # Default user role will be added automatically, after an identity is logged in # Default user role will be added automatically, after an identity is logged in
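
Review bot: This hunk drops ''idm.pub.core.identity.passwordChange.requireOldPassword=true'' and ''idm.pub.core.identity.passwordChange=ALL_ONLY'' together with the identity delete and default contract settings, so a fresh install now depends on whatever the application defaults are, and the page does not state them. The revision summary mentions only the legacy merge sort removal. Either note that the defaults match the removed values or keep the two password-change lines explicit, so the old-password requirement does not silently depend on the product version.
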
Line 236: Line 213:
 idm.sec.core.role.admin=superAdminRole idm.sec.core.role.admin=superAdminRole
    
-  +Max file size of uploaded file. Values can use the suffixed "MB" or "KB" to indicate a Megabyte or Kilobyte size. 
-ID system against which to authenticate +spring.servlet.multipart.max-file-size=100MB 
-idm.sec.security.auth.systemId+spring.servlet.multipart.max-request-size=100MB
- +
-# attachments will be stored under this path. +
-# new directories for attachment will be created in this folder (permissions has to be added) +
-# System.getProperty("user.home")/idm_data will be used if no path is given +
-idm.sec.core.attachment.storagePath=c:/czechidm/data+
 </file> </file>
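
Review bot: The new comment describes only ''spring.servlet.multipart.max-file-size''; ''spring.servlet.multipart.max-request-size'' is set to the same 100MB with no explanation, which caps a multi-file request at the size of a single file. Say what each limit bounds and suggest sizing both to the largest attachment actually expected, since uploaded attachments are stored under ''idm.sec.core.attachment.storagePath''. The removal of the ''idm.sec.security.auth.systemId='' entry also deserves a line on whether the property is gone or simply left at its default.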
  
  • by fiserp