Deprecated. This material represents early efforts and may be of interest to historians. It doe not describe current VIVO efforts.
Deprecated. This material represents early efforts and may be of interest to historians. It doe not describe current VIVO efforts.
Installation instructions for VIVO 1.1 on Debian OS.
nano /etc/apt/sources.list
apt-get update apt-get install apache2 sun-java6-jdk sun-java6-jre libtcnative-1 sudo
java -version
nano ~/.bashrc
export JAVA_HOME=/usr/lib/jvm/java-6-sun export CLASSPATH=$CLASSPATH:/usr/share/java/mysql-connector-java-5.1.6.jar export CLASSPATH=$CLASSPATH:/usr/share/java/mysql-connector-java.jar
wget http://people.apache.org/~remm/tomcat-6/v6.0.20/bin/apache-tomcat-6.0.20.tar.gz tar -zxvf apache-tomcat.....tar.gz mv apache-tomcat-6.0.20/ /usr/local/tomcat
groupadd tomcat useradd -g tomcat -d /usr/local/tomcat tomcat usermod -G www-data tomcat
passwd tomcat VIVO123
nano /etc/init.d/tomcat # Tomcat auto-start description: Auto-starts tomcat processname: tomcat pidfile: /var/run/tomcat.pid export JAVA_HOME=/usr/lib/jvm/java-6-sun case $1 in start) sh /usr/local/tomcat/bin/startup.sh ;; stop) sh /usr/local/tomcat/bin/shutdown.sh ;; restart) sh /usr/local/tomcat/bin/shutdown.sh sh /usr/local/tomcat/bin/startup.sh ;; esac exit 0
chmod 755 /etc/init.d/tomcat
update-rc.d tomcat defaults
nano /usr/local/tomcat/conf/tomcat-users.xml <tomcat-users> <role rolename="manager"/> <role rolename="admin"/> <user username="VIVO" password="VIVO123" roles="admin,manager"/> </tomcat-users>
/etc/init.d/apache2 stop /etc/init.d/tomcat restart /etc/iinit.d/apache2 start
http://localhost:8080/manager/html/list
Username: VIVO Password: VIVO123
useradd vitro passwd vitro
vitro123
nano /etc/sudoers
root,vitro ALL=(ALL) ALL
/etc/init.d/tomcat stop
apt-get update apt-get install subversion-tools sudo ant mysql-server-5.0 libmysql-java
vitro123
cd /tmp wget https://downloads.sourceforge.net/project/vivo/VIVO%20Application%20Source/rel-1.1.tar.gz tar -zxvf rel-1.1.tar.gz
mv vivo-rel-1.1 /usr/local/vivo
cd /usr/local/vivo mv example.deploy.properties deploy.properties nano deploy.properties VIVO.defaultNamespace=http://localhost/vivo/ VIVOConnection.DataSource.url=jdbc:mysql://localhost/VIVOdb VIVOConnection.DataSource.username=VIVO VIVOConnection.DataSource.password=VIVO123
mkdir /usr/local/vivo/data mkdir /usr/local/vivo/data/uploads mkdir /usr/local/vivo/data/luceneIndex chown tomcat:www-data /usr/local/vivo/data/uploads chmod 775 /usr/local/vivo/data/uploads chown tomcat:www-data /usr/local/vivo/data/luceneIndex chmod 775 /usr/local/vivo/data/luceneIndex
cd /usr/local/vivo/vitro-core/config mv example.globalbuild.properties globalbuild.properties nano globalbuild.properties java_api=/usr/lib/jvm/java-6-sun
mkdir /usr/local/src/Vitro chown tomcat:www-data /usr/local/src/Vitro chmod 775 /usr/local/src/Vitro
mysql -u root -p CREATE DATABASE vitrodb CHARACTER SET utf8; CREATE USER 'VIVO'@'localhost' IDENTIFIED BY 'vitro123'; GRANT ALL ON *.* TO 'VIVO'@'localhost'; quit;
/etc/init.d/tomcat stop cd /usr/local/vivo ant all
/etc/init.d/tomcat start
http://localhost:8080/vivo
a2enmod proxy a2enmod proxy_http
Note: Be careful that there is no direct HTTP listener opened by the servlet container. If, for example, there's an HTTP connector listening on port 8080 and no interceding firewall, users would be able to directly access the servlet on port 8080, which bypasses Apache. This also means they would bypass Shibboleth authentication and authorization.
nano /usr/local/tomcat/conf/server.xml
<!-- Set context path for access to 8080 over port 80 --> <Connector port="8080" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="10000" disableUploadTimeout="true" proxyName="YOUR.DOMAIN.EDU" proxyPort="80"/> <!-- Set context path for access over SSL --> <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" proxyName="YOUR.DOMAIN.EDU" proxyPort="443" /> <!-- Set docBase for root webserver application --> <Host name="localhost" appBase="webapps/vivo"> <Context path="" docBase="." /> </Host>
Modify your default Apache site configuration to map requests on the proper virtual hosts to your application.
nano /etc/apache2/sites-available/default ProxyRequests On ProxyPreserveHost On ProxyStatus On <Proxy *> Order deny,allow Allow from all </Proxy> # Use proxy to restrict the need for a port in the URL ProxyPass /vivo/ http://localhost:8080/vivo/ ProxyPassReverse /vivo/ http://localhost:8080/vivo/ ProxyPass / http://localhost/vivo/ ProxyPassReverse / http://localhost/vivo/
nano /etc/apache2/sites-available/default-ssl
ProxyRequests On ProxyPreserveHost On ProxyStatus On <Proxy *> Order deny,allow Allow from all </Proxy> # Use proxy to restrict the need for a port in the URL ProxyPass /vivo/ http://localhost:8080/vivo/ ProxyPassReverse /vivo/ http://localhost:8080/vivo/ ProxyPass / http://localhost/vivo/ ProxyPassReverse / http://localhost/vivo/
// Stop and Restart Apache/Tomcat
/etc/init.d/apache2 stop /etc/init.d/tomcat restart /etc/init.d/apache2 start
apt-get update apt-get install shibboleth-sp2-schemas libshibsp-dev apt-get install libshibsp-doc libapache2-mod-shib2 opensaml2-tools
cd /usr/sbin/
./shib-keygen -h shib.your.domain.edu
mkdir /etc/shibboleth/ssl
cp -rp /etc/shibboleth/sp-cert.pem /etc/shibboleth/ssl/YOUR.DOMAIN.EDU.cert cp -rp /etc/shibboleth/sp-key.pem /etc/shibboleth/ssl/YOUR.DOMAIN.EDU.pem
cd /etc/shibboleth mv shibboleth2.xml shibboleth2.xml.bak
wget http://YOUR.IDENTITYPROVIDER.EDU/linux.shibboleth2.xml
mv linux.shibboleth2.xml shibboleth2.xml
You will need to obtain a URN from your IDP.
Add a line to your Apache configuration on the proper virtual host, such as
in httpd.conf, to trigger Shibboleth session initiation and authentication for
your application. The use of ShibUseHeaders On is important.
nano /etc/apache2/sites-available/default
You can enter anything to replace "shibauth". For example, you could use "/secure" or just "/" to secure the entire virtual host.
# Path for authentication <Location /shibauth> AuthType shibboleth ShibRequireSession On ShibUseHeaders On require valid-user </Location> # Shib Variables Available to entire web server <Location /> AuthType shibboleth ShibRequireSession Off require valid-user ShibUseHeaders On require shibboleth </Location>
nano /etc/apache2/sites-available/default-ssl
<Location /shibauth> AuthType shibboleth ShibRequireSession On ShibUseHeaders On require valid-user </Location> # Shib Variables Available to entire web server <Location /> AuthType shibboleth ShibRequireSession Off require valid-user ShibUseHeaders On require shibboleth </Location>
uf_login_process.jsp webapp/src/edu/cornell/mannlib/VIVO/webapp/controller/edit/UfAuthenticate.java (Copy of Authenticate.java, Compiled)
about_body.jsp (Add html link to UF Shib Login) <strong>UF Shibboleth Login</strong><br/> <a href="http://vivotest.ctrip.ufl.edu/Shibboleth.sso/Login? target=<%= URLEncoder.encode("http://vivotest.ctrip.ufl.edu:8080/VIVO/uf_login_process.jsp" target="_self">Login »</a> webapp/WEB-INF/web.xml (Modified to reflect new class) <servlet> <servlet-name>ufauthenticate</servlet-name> <servlet-class>edu.cornell.mannlib.VIVO.webapp.controller.edit.UfAuthenticate</servlet-class> </servlet> <servlet-mapping> <servlet-name>ufauthenticate</servlet-name> <url-pattern>/ufauthenticate</url-pattern> </servlet-mapping>