Project
Clone or download the source code from https://stash.uconn.edu/projects/KFS/repos/uconn-kfs.
...
Update liquibase.properties file with appropriate url, user and password
- Replace [env] in kfs/core/core-services-cf.sql and kfs/kfs-additional.xml with appropriate environment (prd for production)
Run kfs-runlog.sh to use liquibase to perform the updates.
Server Configuration
Add -Dadditional.kfs.config.locations="/srv/uconn_configs/kfs-external-config.properties" to VM arguments.
Tomcat
Additional jar files.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<!--
Copyright 2008-2009 The Kuali Foundation
Licensed under the Educational Community License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.opensource.org/licenses/ecl2.php
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<config>
<!-- Application URL Configuration -->
<!-- Please fill in values for these parameters! -->
<param name="environment"><[environment]</param>
<param name="app.context.name">kr-${environment}</param>
<param name="context.names.rice">kr-${environment}</param>
<param name="context.names.app">${app.context.name}</param>
<param name="application.host">[rice server]</param>
<param name="application.url">${application.host}/${context.names.rice}</param>
<param name="workflow.url">${application.url}/kew</param>
<param name="appserver.url">${application.host}</param>
<param name="kfs.url">[kfs server]/kfs-${environment}</param>
<param name="context.names.kfs">kfs-[${environment]}</param>
<param name="kfs.externalizable.help.url">[ kfs server ]/${context.names.kfs}>${kfs.url}/static/help/</param>
<!-- set some datasource defaults -->
<param name="datasource.ojb.platform">Oracle9i</param>
<param name="datasource.platform">org.kuali.rice.core.framework.persistence.platform.OracleDatabasePlatform</param>
<!-- test Exadata database -->
<param name="datasource.url">jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=YES)(FAILOVER=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=exa02-scan.uits.uconn.edu)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=kfsupdev.uits.uconn.edu)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=20)(DELAY=5))))</param>
<param name="datasource.driver.name">oracle.jdbc.driver.OracleDriver</param>
<param name="datasource.username">kr_[environment]</param>
<param name="datasource.password">[ password ]</param>
<param name="datasource.maximum.cached.preparedstatements">25</param>
<!-- btm -->
<param name="datasource.btm.journal">null</param>
<param name="datasource.btm.acquisitionInterval">12</param>
<param name="datasource.btm.connectionTestTimeout">8</param>
<param name="datasource.btm.acquisitionTimeout">242</param>
<param name="datasource.btm.driverProperties.loginTimeout">6</param>
<param name="datasource.btm.applyTransactionTimeout">false</param>
<param name="datasource.btm.warnAboutZeroResourceTransaction">false</param>
<param name="datasource.btm.pool.class">bitronix.tm.resource.jdbc.lrc.LrcXADataSource</param>
<!-- obj -->
<param name="datasource.ojb.sequence.manager">org.apache.ojb.broker.util.sequence.SequenceManagerNextValImpl</param>
<param name="datasource.ojb.sequenceManager.className">org.apache.ojb.broker.util.sequence.SequenceManagerNextValImpl</param>
<!-- connection pool -->
<param name="datasource.pool.maxActive">100</param>
<param name="datasource.pool.minIdle">5</param>
<param name="datasource.pool.initialSize">50</param>
<param name="datasource.pool.maxSize">100</param>
<param name="datasource.pool.minSize">5</param>
<param name="datasource.pool.maxWait">3000</param>
<param name="datasource.pool.validationQuery">select 1</param>
<param name="datasource.pool.max.idle.time">3600</param>
<param name="datasource.pool.max.life.time">4800</param>
<param name="datasource.pool.isolation.level">READ_COMMITTED</param>
<param name="datasource.pool.enable.jdbc4.connection.test">true</param>
<param name="datasource.pool.share.transaction.connections">true</param>
<param name="datasource.pool.class">${datasource.btm.pool.class}</param>
<param name="connection.pool.impl">BitronixXa</param>
<param name="datasource.pool.isolation.level">READ_COMMITTED</param>
<!-- rice -->
<param name="rice.datasource.url">${datasource.url}</param>
<param name="rice.datasource.username">${datasource.username}</param>
<param name="rice.datasource.password">${datasource.password}</param>
<param name="rice.datasource.driver.name">${datasource.driver.name}</param>
<param name="rice.datasource.pool.maxWait">${datasource.pool.maxWait}</param>
<param name="rice.datasource.pool.minSize">${datasource.pool.minSize}</param>
<param name="rice.datasource.pool.maxSize">${datasource.pool.maxSize}</param>
<param name="rice.datasource.pool.maxActive">${datasource.pool.maxActive}</param>
<param name="rice.datasource.validating.query">${datasource.pool.validationQuery}</param>
<param name="rice.datasource.pool.accessToUnderlyingConnectionAllowed">true</param>
<param name="rice.datasource.pool.minIdle">${datasource.pool.minIdle}</param>
<param name="rice.datasource.pool.initialSize">${datasource.pool.initialSize}</param>
<param name="rice.custom.ojb.properties">classpath:org/kuali/rice/core/ojb/RiceOJB.properties</param>
<!-- necessary for kfs account infor web service -->
<param name="kfs.datasource.url">${datasource.url}</param>
<param name="kfs.datasource.username">kfs_[ environment ]</param>
<param name="kfs.datasource.password">[ password ]</param>
<param name="kfs.datasource.driver.name">${datasource.driver.name}</param>
<param name="kfs.datasource.pool.maxWait">${datasource.pool.maxWait}</param>
<param name="kfs.datasource.pool.minSize">${datasource.pool.minSize}</param>
<param name="kfs.datasource.pool.maxSize">${datasource.pool.maxSize}</param>
<param name="kfs.datasource.pool.maxActive">${datasource.pool.maxActive}</param>
<param name="kfs.datasource.validating.query">${datasource.pool.validationQuery}</param>
<param name="kfs.datasource.pool.accessToUnderlyingConnectionAllowed">true</param>
<param name="kfs.datasource.pool.minIdle">${datasource.pool.minIdle}</param>
<param name="kfs.datasource.pool.initialSize">${datasource.pool.initialSize}</param>
<param name="kfsLocator.useAppContext">true</param>
<!-- KSB remoting service definitions -->
<param name="serviceServletUrl">${application.url}/remoting</param>
<!-- directory -->
<param name="rice.config.directory">/srv/uconn_configs/rice-config</param>
<param name="security.directory" override="false">${rice.config.directory}</param>
<param name="settings.directory" override="false">${rice.config.directory}</param>
<param name="plugin.dir">${rice.config.directory}/plugins</param>
<param name="data.xml.root.location">${rice.config.directory}/kew/xml</param>
<param name="attachment.dir.location">${rice.config.directory}/kew_attachments</param>
<param name="attachments.directory" override="false">${attachment.dir.location}/${environment}/attachments</param>
<param name="attachments.pending.directory" override="false">${attachments.directory}/pending</param>
<param name="portal.css.files" override="false">rice-portal/css/portal.css,rice-portal/css/uconn_portal.css,krad/plugins/fancybox/jquery.fancybox-1.3.4.css,krad/plugins/rice/textpopout/popoutTextarea.css,krad/plugins/jgrowl/jquery.jgrowl.css</param>
<!-- log4j settings -->
<param name="log4j.settings.path">${rice.config.directory}/log4j.properties</param>
<param name="log4j.settings.reloadInterval">5</param>
<!-- Keystore and Encryption Configuration -->
<param name="keystore.file">${rice.config.directory}/rice.keystore</param>
<param name="keystore.alias">rice</param>
<param name="keystore.password">r1c3pw<>[keystore password]</param>
<!-- parameters for Aes 256 bit encryption -->
<param name="encryption.key">[ encryption key ]</param>
<param name="other.encryption.key">[ other encryption key ]</param>
<!-- Mail Node Configuration -->
<param name="mail.relay.server">localhost</param>
<param name="mailing.list.batch">mailing.list.batch</param>
<!-- CAS integration configuration -->
<param name="cas.context.name" override="false">cas</param>
<param name="cas.rice.server.name">${application.host}</param>
<param name="cas.url">https://login.uconn.edu/${cas.context.name}</param>
<param name="cas.require.https">false</param>
<param name="cas.validate.password">false</param>
<param name="filter.login.class">org.jasig.cas.client.authentication.AuthenticationFilter</param>
<param name="filter.login.casServerLoginUrl">${cas.url}/login</param>
<param name="filter.login.serverName">${cas.rice.server.name}</param>
<param name="filtermapping.login.1">/*</param>
<param name="filter.validation.class">org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</param>
<param name="filter.validation.casServerUrlPrefix">${cas.url}</param>
<param name="filter.validation.serverName">${cas.rice.server.name}</param>
<param name="filtermapping.validation.2">/*</param>
<param name="filter.caswrapper.class">org.jasig.cas.client.util.HttpServletRequestWrapperFilter</param>
<param name="filtermapping.caswrapper.3">/*</param>
<!-- end CAS integration configuration -->
<!--Dummy Login Filter - use if you don't want to go through CAS
<param name="filter.login.class">org.kuali.rice.krad.web.filter.AutoLoginFilter</param>
<param name="filtermapping.login.1">/*</param>
<param name="filter.login.autouser">dac04010</param>
-->
<!-- Sample Application Flag -->
<param name="sample.enabled">false</param>
<param name="dev.mode">false</param>
<!-- ldap mappings -->
<param name="rice.ldapattr.entityId">uid</param>
<param name="rice.ldapattr.principalName">uid</param>
<param name="rice.ldap.principalAlwaysActive">true</param>
<param name="rice.ldapattr.firstName">givenName</param>
<param name="rice.ldapattr.middleName">initials</param>
<param name="rice.ldapattr.lastName">sn</param>
<param name="rice.ldapattr.fullName">cn</param>
<param name="rice.ldapattr.displayName">displayName</param>
<param name="rice.ldapattr.title">title</param>
<param name="rice.ldapattr.email">mail</param>
<param name="rice.ldapattr.phoneNumber">publishedTelephoneNumber</param>
<param name="rice.pattern.phoneNumberKimFormat">%s-%s-%s</param>
<param name="rice.ldapattr.date.of.birth">uconnPersonDateOfBirth</param>
<param name="rice.pattern.phoneNumberLdapRegex">.*([0-9]{3}).*([0-9]{3}).*([0-9]{4})</param>
<param name="rice.ldapattr.employeeId">uconnPersonEmplID</param>
<param name="rice.ldapattr.payrollId">uconnPersonPayrollID</param>
<param name="rice.ldapattr.deptNumber">departmentNumber</param>
<param name="rice.ldapattr.deptName">uconnDepartment</param>
<param name="rice.ldapattr.employeeType"></param>
<param name="rice.ldapattr.employeeStatus"></param>
<param name="rice.ldap.employeeTypeMappings"></param>
<param name="rice.ldapattr.building">buildingName</param>
<param name="rice.ldapattr.street">street</param>
<param name="rice.ldapattr.postalAddr">postalAddress</param>
<param name="rice.ldapattr.city"></param>
<param name="rice.ldapattr.state"></param>
<param name="rice.ldapattr.country"></param>
<param name="rice.ldapattr.zipCode"></param>
<param name="rice.ldapattr.campus">l</param>
<param name="rice.ldapattr.primaryAffiliation">eduPersonPrimaryAffiliation</param>
<param name="rice.ldapattr.affiliation">eduPersonAffiliation</param>
<param name="rice.ldapattr.uconnPerson.affiliation">uconnPersonAffiliation</param>
<param name="rice.ldapattr.personEntitlement">eduPersonEntitlement</param>
<param name="rice.ldap.affiliationMappings">STAFF=staff,FCLTY=faculty,STDNT=student,AFLT=affiliate</param>
<param name="rice.ldap.campusMappings">Storrs=01,Hartford=02,Stamford=03,Torrington=04,Waterbury=05,Avery Point=06,Health Center=07,Extension Services=08</param>
<param name="rice.ldap.cityZipMappings">Storrs=06269,Hartford=06117,Stamford=06901,Torrington=06790,Waterbury=06702,Avery Point=06340,Health Center=06030,Extension Services=000000</param>
<param name="rice.ldap.defaultCampusCode"></param>
<param name="rice.ldap.defaultCityCode"></param>
<param name="rice.ldap.defaultStateCode">CT</param>
<param name="rice.ldap.defaultCountryCode">US</param>
<param name="rice.ldap.defaultZipCode"></param>
<param name="rice.ldapattr.unitNumber">uconnUnitNumber</param>
<param name="rice.ldapattr.uconnPublished">uconnPublished</param>
<param name="rice.ldapattr.uconnPublished.email">uconnPublishedEmail</param>
<param name="rice.ldap.objectClass">objectClass</param>
<param name="rice.kim.entityTitleLength">20</param>
<param name="rice.kim.employee.status.id">employee</param>
<param name="rice.ldap.search.limit">5000</param>
<!-- additional parameters -->
<param name="organization.types">Division=4;VP Cabinet=5;AVP Dean=6;Discipline/Grouping=7;Department=8;Sub-Department 1=9;Sub-Department 2=T</param>
<param name="organization.type.xref">executive=Division;unit=VP Cabinet,AVP Dean,Discipline/Grouping;department=Department,Sub-Department 1,Sub-Department 2</param>
<param name="rice.default.chart.code">UC</param>
<!-- role names for organization routing -->
<param name="uconn.routing.departmentRole">Derived Role: UConn Dept Head</param>
<param name="uconn.routing.unitRole">Derived Role: UConn Unit Head</param>
<param name="uconn.routing.execRole">Derived Role: UConn Exec Head</param>
<param name="uconn.routing.univHeadRole">Derived Role: UConn University Head</param>
<param name="uconn.routing.subDeptRole">Derived Role: UConn SubDept Head</param>
<param name="uconn.workflow.viewerRole">Derived Role: UConn Workflow Document Viewer</param>
<param name="uconn.workflow.subDeptViewerRole">Derived Role: UConn SubDept Workflow Document Viewer</param>
<param name="uconn.workflow.deptViewerRole">Derived Role: UConn Dept Workflow Document Viewer</param>
<param name="uconn.workflow.unitViewerRole">Derived Role: UConn Unit Workflow Document Viewer</param>
<param name="uconn.workflow.execViewerRole">Derived Role: UConn Exec Workflow Document Viewer</param>
<!-- LDAP connection -->
<param name="rice.ldap.username">uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu</param>
<param name="rice.ldap.password">[ ldap password ]</param>
<param name="rice.ldap.url">ldap://ldap.uconn.edu</param>
<param name="rice.ldap.base">dc=uconn,dc=edu</param>
<!-- KPS-598 Jaggaer Single Sign On (SSO) - Roles and Orgs -->
<param name="ldap.wrt.username">uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu</param>
<param name="ldap.wrt.password">[ ldap password </param>
<param name="ldap.wrt.url">ldap://master.ldap.uconn.edu</param>
<param name="ldap.wrt.base">dc=uconn,dc=edu</param>
<!-- additional parameters -->
<param name="organization.types">Division=4;VP Cabinet=5;AVP Dean=6;Discipline/Grouping=7;Department=8;Sub-Department 1=9;Sub-Department 2=T</param>
<param name="organization.type.xref">executive=Division;unit=VP Cabinet,AVP Dean,Discipline/Grouping;department=Department,Sub-Department 1,Sub-Department 2</param>
<param name="rice.default.chart.code">UC</param>
<!-- role names for organization routing -->
<param name="uconn.routing.departmentRole">Derived Role: UConn Dept Head</param>
<param name="uconn.routing.unitRole">Derived Role: UConn Unit Head</param>
<param name="uconn.routing.execRole">Derived Role: UConn Exec Head</param>
<param name="uconn.routing.univHeadRole">Derived Role: UConn University Head</param>
<param name="uconn.routing.subDeptRole">Derived Role: UConn SubDept Head</param>
<param name="uconn.workflow.viewerRole">Derived Role: UConn Workflow Document Viewer</param>
<param name="uconn.workflow.subDeptViewerRole">Derived Role: UConn SubDept Workflow Document Viewer</param>
<param name="uconn.workflow.deptViewerRole">Derived Role: UConn Dept Workflow Document Viewer</param>
<param name="uconn.workflow.unitViewerRole">Derived Role: UConn Unit Workflow Document Viewer</param>
<param name="uconn.workflow.execViewerRole">Derived Role: UConn Exec Workflow Document Viewer</param>
<!-- rice module configuration -->
<param name="kim.mode" override="false">LOCAL</param>
<!-- uconn module configuration -->
<param name="uconn.url" override="false">${application.url}/uconn</param>
<param name="uconn.mode" override="false">LOCAL</param>
<param name="uconn.soapExposedService.jaxws.security">false</param>
<param name="uconn.ldapService.jaxws.security">false</param>
<!-- webservice -->
<param name="kim.soapExposedService.jaxws.security">false</param>
<param name="rice.ksb.serviceRegistry.security">true</param>
<!-- Allowed values for request parameter backLocation
To prevent nefarious hacking using the request parameter Rice only allows certain values for the 'backLocation' request parameter.
This creates a problem for developers running KFS locally and pointing to the standalone Rice server.
Comment out the 'non production environments' block for production servers and conversely the ' non production environments' block for
other environments.
-->
<param name="rice.backLocation.default.url">${application.url}</param>
<!-- non production environments -->
<param name="rice.dev.backLocation">http://localhost:8080</param>
<param name="rice.backLocation.allowed.regex">^(${application.url}|${kfs.url}|${rice.appserver.url}|${rice.dev.backLocation})(/.*|)</param>
<!--end non production environments -->
<!-- production environments -->
<param name="rice.backLocation.allowed.regex">^(${application.url}|${kfs.url}|${rice.appserver.url})(/.*|)</param>
<!-- end production environments -->
<!-- additional spring beans files -->
<param name="rice.kr.additionalSpringFiles">classpath:edu/uconn/kuali/rice/config/UConnKrOverrideSpringBeans.xml</param>
<param name="rice.kew.additionalSpringFiles">classpath:edu/uconn/kuali/rice/config/UConnKewOverrideSpringBeans.xml</param>
<param name="rice.ksb.additionalSpringFiles">classpath:edu/uconn/kuali/rice/config/UConnKsbOverrideSpringBeans.xml</param>
<param name="rice.kim.additionalSpringFiles">classpath:org/kuali/rice/kim/config/KIMLdapSpringBeans.xml,classpath:edu/uconn/kuali/rice/config/UConnKimOverrideSpringBeans.xml</param>
<!-- end additional spring beans files -->
<!-- quartz -->
<param name="useQuartzDatabase">true</param>
</config> |
...
| Code Block | ||
|---|---|---|
| ||
# External Configuration Properties
#
########################################
# Environment specific changes begin
########################################
#Set this to the deployed environment.
environment=<envirment>
#Set the KFS appserver url
## production
appserver.url=https://kuali.uconn.edu
## any non production environment
appserver.url=https://kualinp.uconn.edu
## local
#appserver.url=http://localhost:8080
#Set based which rice environment is to be used with KFS. A local example is provided.
rice.environment=<rice-env>
rice.appserver.url=https"//<rice url>
#rice.environment=dev
#rice.appserver.url=http://localhost:8081
# set batch mode to false and kfs will publish services. Should be true if localhost
rice.ksb.batch.mode=false
##rice.ksb.batch.mode=true
########################################
# Environment specific changes end
########################################
## apis.enabled determines whether REST APIs are accessible from an outside client
apis.enabled=true
app.code=kfs
application.host=${appserver.url}
context.names.app=${app.code}-${environment}
context.names.kfs=${app.code}-${environment}
app.context.name=${context.names.app}
base.url=${appserver.url}
application.url=${appserver.url}/${context.names.kfs}
application.id=KFS
kfs.mode=LOCAL
# this property can be used to turn p6spy logging on and off (we use p6spy to log the sql generated by ojb)
use.p6spy=true
#
# Directories
#
base.directory=/srv/uconn_configs/kfs-config
work.directory=${base.directory}/work
staging.directory=${work.directory}/staging
security.directory=${base.directory}/security
staging.directory.sys.batchContainer=${staging.directory}/sys/batchContainer
reports.directory=${work.directory}/reports
security.property.file=file:${security.directory}/security.properties
templates.directory=${work.directory}/templates
config.url=${appserver.url}/${base.directory}
reports.url=${appserver.url}
temp.directory=${work.directory}/temp
logs.directory=${base.directory}/logs
monitoring.directory=${logs.directory}/monitoring
attachments.directory=${base.directory}/work/attachments
attachment.dir.location=${attachments.directory}
attachments.pending.directory=${attachments.directory}/pending
settings.directory=${base.directory}/settings
data.xml.root.location=${base.directory}/work/staging/workflow
data.xml.pending.location=${base.directory}/work/staging/workflow/pending
data.xml.loaded.location=${base.directory}/work/staging/workflow/loaded
data.xml.problem.location=${base.directory}/work/staging/workflow/problem
log4j.settings.path=file:/srv/uconn_configs/kfs-config/log4j.properties
log4j.settings.file=file:/srv/uconn_configs/kfs-config/log4j.properties
keystore.file=/srv/uconn_configs/kfs-config/security/rice.keystore
batch.file.lookup.root.directories=${base.directory}/work/staging;${base.directory}/work/reports
temp.directory=${work.directory}/temp
cache.service.bus.security.enabled=true
contracts.grants.billing.enabled=false
csrf.enabled=false
kew.callback.service.bus.security.enabled=true
dev.mode=false
kfs.mode=LOCAL
# necessary to include uconn module in embedded rice
uconn.mode=LOCAL
feedback.link.url=
#jwt.expiration.seconds=86400
connection.pool.impl=BitronixXa
datasource=kfsDataSource${connection.pool.impl}
# kfs
kfs.url=${application.url}
kfs.externalizable.help.url=${externalizable.static.content.url}
kfs.locale=en_US
kfs.service.namespace.uri=http://kfs.kuali.org/kfs/v5_0
log4j.reload.minutes=5
login.filter.className=org.kuali.kfs.sys.web.filter.DevelopmentLoginFilter
#
# rice properties
#
context.names.rice=kr-${rice.environment}
rice.server.url=${rice.appserver.url}/${context.names.rice}
rice.url=${rice.server.url}
rice.standalone=true
rice.ksb.registry.serviceUrl=${rice.server.url}/remoting/soap/ksb/v2_0/serviceRegistry
data.dictionary.validate=true
validate.ebo.references=true
classpath.resource.prefix=/WEB-INF/classes/
core.url=${rice.appserver.url}/${context.names.rice}/core
rice.server.krad.url=${rice.appserver.url}/${context.names.rice}/kr-krad
http.service.url=${rice.appserver.url}/${context.names.rice}/remoting
rice.server.krad.lookup.url=${rice.appserver.url}/${context.names.rice}/kr-krad/lookup
# System URLs
serviceServletUrl=${application.url}/remoting
ksb.client.url=${application.url}/ksb
ksb.server.url=${rice.server.url}/ksb
kr.url=${rice.server.url}/kr
krad.url=${rice.server.url}/kr-krad
kr.krad.url=${rice.server.url}/kr-krad
kcb.url=${rice.server.url}/kcb
ksb.url=${rice.server.url}/ksb
ken.url=${rice.server.url}/ken
krms.url=${rice.server.url}/krms
kim.url=${rice.server.url}/kim
workflow.url=${rice.server.url}/kew
kew.url=${rice.server.url}/kew
krad.lookup.url=${rice.server.url}/kr-krad/lookup
krad.inquiry.url=${rice.server.url}/kr-krad/inquiry
rice.portal.allowed.regex=^${application.url}(/.*|)|^${rice.server.url}(/.*|)
rice.backLocation.allowed.regex=^(${application.url}|${rice.url}|${appserver.url})(/.*|)
rice.backLocation.default.url=${application.url}
#mail.smtp.connectiontimeout=10000
#mail.smtp.timeout=10000
#message.queue.url=MessageQueue.do
module.access.security.enabled=true
module.accounts.receivable.enabled=true
module.capital.asset.enabled=true
module.contracts.and.grants.enabled=true
module.labor.distribution.enabled=true
module.purchasing.enabled=true
#periodic.thread.dump=true
#periodic.thread.dump.seconds=300
production.environment.code=prd
remote.view.url=${application.url}/remote
#skip.batch.directory.initiation=false
soap.service.default.service.bus.security.enabled=false
#thread.pool.url=ThreadPool.do
transaction.timeout=100000
rice.portal.links.showRiceServerConfig=true;
# UCONN CAS server URL for rics
cas.context.name=cas
cas.url=https://login.uconn.edu/cas
cas.login.url=${cas.url}/login
cas.server.url.prefix=https://login.uconn.edu/cas
cas.server.login.url=https://login.uconn.edu/cas/login
cas.server.name=${application.url}
cas.rice.server.name=${rice.server.url}
cas.require.https=false
cas.validate.password=false
cas.validate.url=${cas.url}/serviceValidate
cas.require.https" override="false=false
cas.validate.password=false
cas.rice.server.name=${appserver.url}
rice.default.chart.code=UC
# since rice is defaulting the environment to dev and not allowing override, we can't just use ${environment}
build.environment=${environment}
#kuali-monsters site had true
rice.ksb.web.forceEnable=true
workflow.documentsearch.base.url=${rice.server.url}/kew/DocumentSearch.do?docFormKey=88888888&returnLocation=${kfs.url}/portal.do&hideReturnLink=true
externalizable.static.content.url=${application.url}/static
externalizable.images.url=${externalizable.static.content.url}/images/
externalizable.help.url=${externalizable.static.content.url}/help/
kfs.externalizable.help.url=${externalizable.help.url}
kr.externalizable.images.url=${application.url}/kr/static/images/
krad.externalizable.images.url=${application.url}/krad/images/
batch.transaction.timeout=500000
# Email Properties
mail.relay.server=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
mailing.list.batch=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
kr.incident.mailing.list=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
KualiExceptionIncidentServiceImpl.REPORT_MAIL_LIST=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
mail.smtp.host=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
mail.transport.protocol=smtp
real.notifications.enabled=true
nonproduction.notification.mailing.list=
# KIM Properties
kim.soapExposedService.jaxws.security=false
kim.identityArchiveServiceImpl.executionIntervalSeconds=600
kim.identityArchiveServiceImpl.maxWriteQueueSize=300
org.kuali.rice.kim.bo.ui.PersonDocumentEmploymentInfo.hidden=baseSalaryAmount
kim.hide.PersonDocumentAddress.type=HM
kim.hide.PersonDocumentPhone.type=HM
kim.show.blank.qualifiers=true
session.document.cache.size = 1000
# log4j file for Rice
# Unifier Integration Properties
unifier.security.enabled=false
unifier.api.url=${unifier.test.api.url}
#
#
# ldap mapping information
#
rice.ldapattr.entityId=uid
rice.ldapattr.principalName=uid
rice.ldap.principalAlwaysActive=true
rice.ldapattr.firstName=givenName
rice.ldapattr.middleName=initials
rice.ldapattr.lastName=sn
rice.ldapattr.fullName=cn
rice.ldapattr.displayName=displayName
rice.ldapattr.title=title
rice.ldapattr.email=mail
rice.ldapattr.phoneNumber=publishedTelephoneNumber
rice.pattern.phoneNumberKimFormat=%s-%s-%s
rice.ldapattr.date.of.birth=uconnPersonDateOfBirth
rice.pattern.phoneNumberLdapRegex=.*([0-9]{3}).*([0-9]{3}).*([0-9]{4})
rice.ldapattr.employeeId=uconnPersonEmplID
rice.ldapattr.payrollId=uconnPersonPayrollID
rice.ldapattr.deptNumber=departmentNumber
rice.ldapattr.deptName=uconnDepartment
rice.ldapattr.employeeType=
rice.ldapattr.employeeStatus=
rice.ldap.employeeTypeMappings=
rice.ldap.employeeStatusMappings=true=A,false=T
rice.ldapattr.building=buildingName
rice.ldapattr.street=street
rice.ldapattr.postalAddr=postalAddress
rice.ldapattr.city=
rice.ldapattr.state=
rice.ldapattr.country=
rice.ldapattr.zipCode=
rice.ldapattr.campus=l
rice.ldapattr.primaryAffiliation=eduPersonPrimaryAffiliation
rice.ldapattr.affiliation=eduPersonAffiliation
rice.ldapattr.uconnPerson.affiliation=uconnPersonAffiliation
rice.ldap.affiliationMappings=STAFF=staff,FCLTY=faculty,STDNT=student,AFLT=affiliate
rice.ldap.campusMappings=Storrs=01,Hartford=02,Stamford=03,Torrington=04,Waterbury=05,Avery Point=06,Health Center=07,Extension Services=08 \u00a0 \u00a0 \u00a0
rice.ldap.cityZipMappings=Storrs=06269,Hartford=06117,Stamford=06901,Torrington=06790,Waterbury=06702,Avery Point=06340,Health Center=06030,Extension Services=000000
rice.ldap.defaultCampusCode=
rice.ldap.defaultCityCode=
rice.ldap.defaultStateCode=CT
rice.ldap.defaultCountryCode=US
rice.ldap.defaultZipCode=
rice.ldapattr.unitNumber=uconnUnitNumber
rice.ldapattr.uconnPublished=uconnPublished
rice.ldapattr.uconnPublished.email=uconnPublishedEmail
rice.ldap.objectClass=objectClass
## KPS-598 Jaggaer Single Sign On (SSO) - Roles and Orgs
rice.ldapattr.personEntitlement=eduPersonEntitlement
jaggear.urn=urn:sciquest.com:solutions.sciquest.com:
rice.ldap.search.limit=5000
rice.ldap.ids.to.skip=2,KFS2,kr,kfs,admin,notsys
rice.ldap.student.affiliation=student
uconn.ldapService.jaxws.security=true
skip.batch.directory.initiation=false
# indicates whether schema validation should be built from data dictionary, otherwise validation is basic xsd types only
use.dd.schema.validation=false
# environmental display URL
#env.display.text=uconn kfs local
rice.kim.soapExposedService.jaxws.security=false
rice.kim.employee.status.id=employee
uconn.soapExposedService.jaxws.security=false
uconn.ldapService.jaxws.security=true
kim.soapExposedService.jaxws.security=false
# the institution specific css files that should be available to every non-portal page in the application
# IMPORTANT! The env.css might need to be removed in production.
institution.portal.css.files=,css/uconn_portal.css,css/env.css
unifier.production.security.enabled=true
unifier.test.security.enabled=true
unifier.production.api.url=http://pu.grove.ad.uconn.edu/UnifierWS
unifier.test.api.url=http://puint.grove.ad.uconn.edu/UnifierWS
userOptions.default.emailAgingNotification3=30 days
# B2B Integration Propertiessys/api/v1/system/environment
b2b.environment=test
b2b.punch.back.action.forwarding.url=/portal.do?channelTitle=Requisition&channelUrl=purapRequisition.do?methodToCall=displayB2BRequisition
b2b.punch.back.url=${application.url}/b2b.do?methodToCall=returnFromShopping
b2b.punch.out.url=http://usertest.sciquest.com/apps/Router/ExternalAuth/cXML/UCONN
b2b.purchase.order.url=https://usertest-messages.sciquest.com/apps/Router/POXMLImport
#
#Jaggaer Huskybuy url properties.
b2b.prvalidation.url=${b2b.test.prvalidation.url}
b2b.custom.field.url=${b2b.test.custom.field.url}
b2b.supplier.sync.url=${b2b.test.supplier.sync.url}
b2b.invoice.status.url=${b2b.test.invoice.status.url}
b2b.user.url=${b2b.test.user.url}
b2b.requisition.url=${b2b.test.requisition.url}
b2b.jaggaer.url=${b2b.test.jaggaer.url}
#
# script runner
repository.uri=https://stash.uconn.edu/scm/kfs/dbscripts.git
repository.uri.test=https://stash.uconn.edu/scm/kfs/dbscripts-test.git
repository.local=${base.directory}/work/git-repository/dbscripts
repository.user=KFSScriptRunner
repository.password=kFs@Scri9t3<repository password>
kr.script.repository=kr-scripts
kr.otf.script.file.path=${base.directory}/work/scriptRunner/kr_OtfScrips.sql
kfs.script.repository=kfs-scripts
kfs.otf.script.file.path=${base.directory}/work/scriptRunner/kfs_OtfScrips.sql
script.archive.path=/archive
sqlplus.service.name=@KFSORA.world
#sqlplus.service.name=@KFSUPDEV.world
sqlplus.path=/opt/oracleClient/product/12.2.0.1/client/bin/sqlplus
# aim
aim.api.url=${aim.test.api.url}
unifier.api.url=${unifier.test.api.url}
#
# concur
#
aeweb.travel.test.url=https://dev.aeweb.uconn.edu:8058
aeweb.travel.prod.url=https://prd.aeweb.uconn.edu:8058
aeweb.hris.test.url=https://dev.aeweb.uconn.edu:8057
aeweb.hris.prod.url=https://prd.aeweb.uconn.edu:8057
aeweb.travel.api.url=${aeweb.travel.test.url}
aeweb.hris.api.url=${aeweb.hris.test.url}
## gpg
concur.gpg.public.key.file=${security.directory}/pubring.gpg
concur.gpg.private.key.file=${security.directory}/secret-keys.gpg
## directories
concur.archive.directory=${staging.directory}/concur/archive
concur.export.directory=${staging.directory}/concur/export
concur.import.directory=${staging.directory}/concur/import
concur.extract.directory=${staging.directory}/concur/extract
concur.sftp.import.directory=out/
concur.sftp.export.directory=in/
concur.encrypt.file.extension=.txt.gpg
concur.decrypt.file.extension=.txt
concur.oauth2.test.endpoint=https://us-impl.api.concursolutions.com/oauth2/v0/token
concur.oauth2.prod.endpoint=https://us.api.concursolutions.com/oauth2/v0/token
concur.oauth2.endpoint=${concur.oauth2.test.endpoint}
concur.oauth2.location=us.api.concursolutions.com |
...
| Code Block | ||
|---|---|---|
| ||
########################################
# The Kuali Financial System, a comprehensive financial management system for higher education.
#
# Copyright 2005-2014 The Kuali Foundation
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
########################################
#
# common datasource
#
datasource.driver.name=oracle.jdbc.OracleDriver
datasource.driver=oracle.jdbc.OracleDriver
## Exadata data base
datasource.url=jjdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=YES)(FAILOVER=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=exa02-scan.uits.uconn.edu)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=kfsupdev.uits.uconn.edu)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=20)(DELAY=5))))
datasource.connection.timeout=100000
datasource.validating.query=select 1 from dual
datasource.pool.maxActive=100
datasource.pool.minIdle=5
datasource.pool.initialSize=50
datasource.pool.accessToUnderlyingConnectionAllowed=true
datasource.pool.maxSize=100
datasource.pool.minSize=5
datasource.pool.maxWait=60000
datasource.pool.max.idle.time=3600
datasource.pool.max.life.time=4800
datasource.pool.isolation.level=READ_COMMITTED
datasource.pool.enable.jdbc4.connection.test=true
datasource.pool.share.transaction.connections=true
datasource.pool.class=bitronix.tm.resource.jdbc.lrc.LrcXADataSource
datasource.pool.class.non.xa=${datasource.pool.class}
datasource.pool.btm.warnAboutZeroResourceTransaction=${datasource.btm.warnAboutZeroResourceTransaction}
datasource.maximum.cached.preparedstatements=25
datasource.ojb.platform=Oracle9i
datasource.ojb.sequence.manager=org.apache.ojb.broker.util.sequence.SequenceManagerNextValImpl
datasource.ojb.sequenceManager.className=org.apache.ojb.broker.util.sequence.SequenceManagerNextValImpl
datasource.platform=org.kuali.rice.core.framework.persistence.platform.OracleDatabasePlatform
datasource.btm.acquisitionInterval=12
datasource.btm.connectionTestTimeout=8
datasource.btm.acquisitionTimeout=242
datasource.btm.driverProperties.loginTimeout=6
datasource.btm.applyTransactionTimeout=false
datasource.btm.warnAboutZeroResourceTransaction=false
datasource.btm.journal=null
kfs.datasource.username=<KFS USERNAME>
kfs.datasource.password=<KFS PASSWORD>
kfs.datasource.driver.name=${datasource.driver}
kfs.datasource.url=${datasource.url}
kfs.datasource.connection.timeout=${datasource.connection.timeout}
kfs.datasource.validating.query=${datasource.validating.query}
kfs.datasource.pool.maxActive=${datasource.pool.maxActive}
kfs.datasource.pool.minIdle=${datasource.pool.minIdle}
kfs.datasource.pool.initialSize=${datasource.pool.initialSize}
kfs.datasource.pool.accessToUnderlyingConnectionAllowed=${datasource.pool.accessToUnderlyingConnectionAllowed}
kfs.datasource.pool.maxSize=${datasource.pool.maxSize}
kfs.datasource.pool.minSize=${datasource.pool.minSize}
kfs.datasource.pool.maxWait=${datasource.pool.maxWait}
kfs.datasource.maximum.cached.preparedstatements=${datasource.maximum.cached.preparedstatements}
##
##
rice.datasource.username=<RICE USERNAME>
rice.datasource.password=<RICE PASSWORD>
rice.datasource.driver.name=${datasource.driver}
rice.datasource.url=${datasource.url}
rice.datasource.connection.timeout=${datasource.connection.timeout}
rice.datasource.validating.query=${datasource.validating.query}
rice.datasource.pool.maxActive=${datasource.pool.maxActive}
rice.datasource.pool.minIdle=${datasource.pool.minIdle}
rice.datasource.pool.initialSize=${datasource.pool.initialSize}
rice.datasource.pool.accessToUnderlyingConnectionAllowed=${datasource.pool.accessToUnderlyingConnectionAllowed}
rice.datasource.pool.maxSize=${datasource.pool.maxSize}
rice.datasource.pool.minSize=${datasource.pool.minSize}
rice.datasource.pool.maxWait=${datasource.pool.maxWait}
rice.datasource.maximum.cached.preparedstatements=${datasource.maximum.cached.preparedstatements}
#
# ldap connection information
#
rice.ldap.username=uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu
rice.ldap.password=<ldap password>
rice.ldap.base=dc=uconn,dc=edu
rice.ldap.url=ldap://ldap.uconn.edu
# test ldap
#rice.ldap.url=ldap://master-test.ldap.uconn.edu
## KPS-598 Jaggaer Single Sign On (SSO) - Roles and Orgs
ldap.wrt.username=uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu
ldap.wrt.password=<ldap password>
ldap.wrt.url=ldap://master.ldap.uconn.edu
ldap.wrt.base=dc=uconn,dc=edu
ojb.persistencebroker.pool.maxactive=${datasource.pool.size}
keystore.alias=rice
keystore.password=<rice key store password>
jwt.encryption.key=<jwt.encryption.key>
encryption.key=<encryption.key>
other.encryption.key=<other.encryption.key>
b2b.user.agent=kfs
b2b.purchase.order.identity=
b2b.purchase.order.password=
b2b.shopping.identity=
b2b.shopping.password=
b2b.test.poimport.identity=30003168
b2b.test.poimport.password=<password>
b2b.prvalidation.identity=30003168
b2b.prvalidation.password=p<password>
b2b.poexport.identity=30003168
b2b.poexport.password=poHus7yt3st
b2b.custom.field.identity=30003168
b2b.custom.field.password=<password>
b2b.supplier.sync.identity=30003168
b2b.supplier.sync.password=<password>
b2b.invoice.export.identity=30003168
b2b.invoice.export.password=<password>
b2b.invoice.status.identity=30003168
b2b.invoice.status.password=<password>
b2b.user.identity=30003168
b2b.user.password=<password>
b2b.requisition.identity=30003168
b2b.requisition.password=<password>
b2b.poimport.identity=30003168
b2b.poimport.password=t3stUc0NPOn
b2b.test.requisition.identity=30003168
b2b.test.requisition.password=<password>
b2b.test.poimport.identity=30003168
b2b.test.poimport.password=<password>
b2b.test.prvalidation.identity=30003168
b2b.test.prvalidation.password=<password>
b2b.test.custom.field.identity=30003168
b2b.test.custom.field.password=<password>
b2b.test.supplier.sync.identity=30003168
b2b.test.supplier.sync.password=<password>
b2b.test.invoice.status.identity=30003168
b2b.test.invoice.status.password=<password>
b2b.test.invoice.export.identity=30003168
b2b.test.invoice.export.password=<password>
b2b.test.poexport.identity=30003168
b2b.test.poexport.password=<password>
b2b.test.user.identity=30003168
b2b.test.user.password=<password>
aim.test.api.identity=POSERVICES
aim.test.api.password=<password>
unifier.test.api.identity=wslogin
unifier.test.api.password=<password>
aim.test.api.identity=POSERVICES
aim.test.api.password=<password>
aim.api.identity=${aim.test.api.identity}
aim.api.password=${aim.test.api.password}
unifier.test.api.identity=wslogin
unifier.test.api.password=<password>
unifier.api.identity=${unifier.test.api.identity}
unifier.api.password=${unifier.test.api.password}
# concur gpg
concur.gpg.user.id=ConcurSolutions
concur.gpg.key.uid=ConcurSolutions (Integrations) <intadmin@concursolutions.com>
#uconn gpg
uconn.gpg.user.id=UConn-KFS
uconn.gpg.passphrase=<passphrase>
aeweb.travel.user=kfstravelapi
aeweb.travel.password=<password>
## sftp
concur.sftp.url=st.concursolutions.com
## test
concur.sftp.password=<password>
concur.sfpt.username=t0072856zkzm
## production
#concur.sftp.password=<password>
#concur.sfpt.username=@5P3!ftSUVtq<username>
#concur oauth2
concur.oauth2.client.id=e2273aa8-5104-4108-8596-9e2a86dd699f
conocur.oauth2.client.secret=6099b67e-b3ca-4adc-8b26-de0c8b629238
concur.oauth2.user.name=webadmin@uconn.edu
concur.oauth2.password=<password>
#concur notify service
concur.notify.username=kfsconcur
concur.notify.password=<password> |
...
Post Deployment
XML Ingestion
It is necessary toFrom KFS menu System >> Rice >> Administration → Workflow >> XML Ingester
Upload the following files
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5084.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5135.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5989.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-443.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5164.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5237.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5331.xml
- /uconn/upgrade-kfs7/workflow-upgrades/KS-PS-455-CLOS.xml/
- /uconn/upgrade-kfs7/workflow-upgrades/KS-PS-455-INST.xml
- /uconn/upgrade-kfs7/workflow-upgrades/AccountsReceivableMaintenanceDocuments.xml
- /uconn/upgrade-kfs7/workflow-upgrades/AccountsReceivableSimpleMaintenanceDocuments.xml
- /uconn/upgrade-kfs7/workflow/AccountsReceivableTransactionalDocuments.xml
- /uconn/upgrade-kfs7/workflow-upgrades/ChartSimpleMaintenanceDocuments.xml
- uconn/upgrade-kfs7/workflow-upgrades/ContractsAndGrantsSimpleMaintenanceDocuments.xml
Upload UConn logo
From KFS menu Syatem >> Institutional Configuration → Branding → click box "Drag & drop logo here or click to select a logo to upload." and navigate to /uconn-kfs/uconn/upgrade-kfs7/uconn-wordmark-side-blue-gray.png and click "Open". Logo will appear in "Branding" box...click "Apply".
Message of the day
From KFS menu Syatem >> Institutional Configuration → Message of the Day
Click Edit and handle as you would any maintainence document.
Navigate to your name on side bar and click "Refresh Navigation"
Workflow client - Dependent Tuition Waiver
Due to the separation of Rice and KFS to separate Tomcat instances the WSDLs in the config file must change to reflect the Rice server url
Edit the /srv/uconn_configs/workflow/conf/workflow_clientapp.xml file and change the wsdl parmeters from .../kfs-prd/remoting /... to ../kr-prd/remoting/... as in the following example
| Code Block | ||||
|---|---|---|---|---|
| ||||
<!-- production -->
<param name="application.url">https://prd.aeweb.uconn.edu/dtw</param>
<param name="encryption.key">7IC64w6ksLU</param>
<param name="keystore.alias">rice</param>
<param name="keystore.file">/srv/uconn_configs/rice-config/rice.keystore</param>
<param name="keystore.password">r1c3pw</param>
<param name="clientapp.environment">dev</param>
<param name="production.environment.code">prd</param>
<param name="dtw.export.file.path">/home/dtw/</param>
<param name="engine.url">https://kualinp.uconn.edu/kr-prd</param>
<!-- https://kualinp.uconn.edu/kfs-updev/remoting -->
<!-- externalized configuration for worklow -->
<param name="group.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/kim/v2_0/groupService?wsdl</param>
<param name="role.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/kim/v2_0/roleService?wsdl</param>
<param name="workflow.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/uconn/v2_0/ucWorkFlowWsService?wsdl</param>
<param name="ldap.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/uconn/v2_0/uconnLdapService?wsdl</param>
<param name="mud.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/uconn/v2_0/ucMudOrgWsService?wsdl</param>
<param name="mail.smtp.host">smtp.uconn.edu</param>
<param name="mail.prop.name">mail.smtp.host</param>
<param name="mail.from.addr">noreply@uconn.edu</param>
</config> |