PubMan 7 7 bugfix
PubMan 7.7 Bugfix Release[edit]
Affected Servers[edit]
Prepare read only system[edit]
Fedora[edit]
Coreservice Apache[edit]
- adapt coreservice to https protocol
Coreservice JBoss[edit]
- modify to https in escidoc-core.properties und escidoc-core.custom.properties
# Base URL of the eSciDoc Infrastructure, typically # the host name of the machine the servlet container # is running, and the port on which the servlet # container listens for incoming HTTP requests escidoc-core.baseurl = https://coreservice.mpdl.mpg.de
- modify to https in escidoc-core.properties
# URL that points to the Admin Tool (used in welcome page) # admin-tool.url = /AdminTool?escidocurl=https://coreservice.mpdl.mpg.de
- add new category to jboss-log4j.xml
<category name="de.escidoc.core.adm.business.admin"> <priority value="INFO" /> <appender-ref ref="FILE"/> </category>
- replace escidoc-core.ear and fedoragsearch.war in WILDFLY_HOME/../deploy from /home/siedersleben/pubman-7.7.4-bugfix
Core Infrastructure[edit]
Core Properties[edit]
Core Index Properties[edit]
PubMan EAR[edit]
PubMan Properties[edit]
- add property (file footer.txt already extsts in ../main
#file name of html snippet which should be included in footer of every PubMan page, e.g. for Piwik escidoc.pubman.footer.fileName=footer.txt
- adapt to https:
# URL of the escidoc-core instance you like to logon to escidoc.framework_access.login.url=https://coreservice.mpdl.mpg.de
PubMan Apache[edit]
Apache Config[edit]
SSLEngine on SSLCipherSuite HIGH:MEDIUM # Your signed server certificate SSLCertificateFile /etc/apache2/ssl.crt/ssl.crt SSLCertificateChainFile /etc/apache2/ssl.crt/ca.crt # Your private key for encryption SSLCertificateKeyFile /etc/apache2/ssl.key/ssl.key # The CA's SSLCACertificateFile /etc/apache2/ssl.crt/ca.crt # Force SSLv3 and TLSv1 Only! SSLProtocol all -SSLv2 <Files ~ "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars </Files> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
listen.conf[edit]
Listen 443 NameVirtualHost *:443
PubMan Wildfly[edit]
PubMan PidCache[edit]
- correct missing component pids
eSciDoc-OAI-Provider[edit]
AA[edit]
siehe CoNE
Validation Database[edit]
Migration database[edit]
CoNE[edit]
new property in cone.properties und auth.properties (already prepared)
escidoc.aa.client.logout.class=de.mpg.escidoc.services.aa.web.client.EscidocAaLogoutClient
adapt to https in cone.properties und auth.properties
# URL of the eSciDoc infrastructure instance (only for eSciDoc authentication) escidoc.framework_access.framework.url=https://coreservice.mpdl.mpg.de # URL of the escidoc-core instance you like to logon to (only for eSciDoc authentication) escidoc.framework_access.login.url=https://coreservice.mpdl.mpg.de
Results-Table needs to be recreated
eSciDoc Admin[edit]
- adapt to https protocol
in .../prod.cfg new property framework.host_scheme, remove port from framework.host
# this is the Hostname:Port of the framework to be administered framework.host="coreservice.mpdl.mpg.de" framework.host_scheme="https"
in .../lib/util.py
def get_login_url(target=None): login_url = "https://%s%s" % (config.get('framework.host'), client.LOGIN_PATH) if target: login_url = "%s?%s" % (login_url, urllib.urlencode(dict(target=target))) return login_url
- Sichern wir das irgendwo ? (es gibt nur ein einziges Subversion für escidocadmin)