Project
Clone or download the source code from https://stash.uconn.edu/projects/KFS/repos/uconn-kfs.
...
Update liquibase.properties file with appropriate url, user and password
- Replace [env] in kfs/core/core-services-cf.sql and kfs/kfs-additional.xml with appropriate environment (prd for production)
Run kfs-runlog.sh to use liquibase to perform the updates.
Server Configuration
Add -Dadditional.kfs.config.locations="/srv/uconn_configs/kfs-external-config.properties" to VM arguments.
Tomcat
Additional jar files.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<!-- Copyright 2008-2009 The Kuali Foundation Licensed under the Educational Community License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.opensource.org/licenses/ecl2.php Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <config> <!-- Application URL Configuration --> <!-- Please fill in values for these parameters! --> <param name="environment"><[environment]</param> <param name="app.context.name">kr-${environment}</param> <param name="context.names.rice">kr-${environment}</param> <param name="context.names.app">${app.context.name}</param> <param name="application.host">[rice server]</param> <param name="application.url">${application.host}/${context.names.rice}</param> <param name="workflow.url">${application.url}/kew</param> <param name="appserver.url">${application.host}</param> <param name="kfs.url">[kfs server]/kfs-${environment}</param> <param name="context.names.kfs">kfs-[${environment]}</param> <param name="kfs.externalizable.help.url">[ kfs server ]/${context.names.kfs}>${kfs.url}/static/help/</param> <!-- set some datasource defaults --> <param name="datasource.ojb.platform">Oracle9i</param> <param name="datasource.platform">org.kuali.rice.core.framework.persistence.platform.OracleDatabasePlatform</param> <!-- test Exadata database --> <param name="datasource.url">jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=YES)(FAILOVER=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=exa02-scan.uits.uconn.edu)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=kfsupdev.uits.uconn.edu)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=20)(DELAY=5))))</param> <param name="datasource.driver.name">oracle.jdbc.driver.OracleDriver</param> <param name="datasource.username">kr_[environment]</param> <param name="datasource.password">[ password ]</param> <param name="datasource.maximum.cached.preparedstatements">25</param> <!-- btm --> <param name="datasource.btm.journal">null</param> <param name="datasource.btm.acquisitionInterval">12</param> <param name="datasource.btm.connectionTestTimeout">8</param> <param name="datasource.btm.acquisitionTimeout">242</param> <param name="datasource.btm.driverProperties.loginTimeout">6</param> <param name="datasource.btm.applyTransactionTimeout">false</param> <param name="datasource.btm.warnAboutZeroResourceTransaction">false</param> <param name="datasource.btm.pool.class">bitronix.tm.resource.jdbc.lrc.LrcXADataSource</param> <!-- obj --> <param name="datasource.ojb.sequence.manager">org.apache.ojb.broker.util.sequence.SequenceManagerNextValImpl</param> <param name="datasource.ojb.sequenceManager.className">org.apache.ojb.broker.util.sequence.SequenceManagerNextValImpl</param> <!-- connection pool --> <param name="datasource.pool.maxActive">100</param> <param name="datasource.pool.minIdle">5</param> <param name="datasource.pool.initialSize">50</param> <param name="datasource.pool.maxSize">100</param> <param name="datasource.pool.minSize">5</param> <param name="datasource.pool.maxWait">3000</param> <param name="datasource.pool.validationQuery">select 1</param> <param name="datasource.pool.max.idle.time">3600</param> <param name="datasource.pool.max.life.time">4800</param> <param name="datasource.pool.isolation.level">READ_COMMITTED</param> <param name="datasource.pool.enable.jdbc4.connection.test">true</param> <param name="datasource.pool.share.transaction.connections">true</param> <param name="datasource.pool.class">${datasource.btm.pool.class}</param> <param name="connection.pool.impl">BitronixXa</param> <param name="datasource.pool.isolation.level">READ_COMMITTED</param> <!-- rice --> <param name="rice.datasource.url">${datasource.url}</param> <param name="rice.datasource.username">${datasource.username}</param> <param name="rice.datasource.password">${datasource.password}</param> <param name="rice.datasource.driver.name">${datasource.driver.name}</param> <param name="rice.datasource.pool.maxWait">${datasource.pool.maxWait}</param> <param name="rice.datasource.pool.minSize">${datasource.pool.minSize}</param> <param name="rice.datasource.pool.maxSize">${datasource.pool.maxSize}</param> <param name="rice.datasource.pool.maxActive">${datasource.pool.maxActive}</param> <param name="rice.datasource.validating.query">${datasource.pool.validationQuery}</param> <param name="rice.datasource.pool.accessToUnderlyingConnectionAllowed">true</param> <param name="rice.datasource.pool.minIdle">${datasource.pool.minIdle}</param> <param name="rice.datasource.pool.initialSize">${datasource.pool.initialSize}</param> <param name="rice.custom.ojb.properties">classpath:org/kuali/rice/core/ojb/RiceOJB.properties</param> <!-- necessary for kfs account infor web service --> <param name="kfs.datasource.url">${datasource.url}</param> <param name="kfs.datasource.username">kfs_[ environment ]</param> <param name="kfs.datasource.password">[ password ]</param> <param name="kfs.datasource.driver.name">${datasource.driver.name}</param> <param name="kfs.datasource.pool.maxWait">${datasource.pool.maxWait}</param> <param name="kfs.datasource.pool.minSize">${datasource.pool.minSize}</param> <param name="kfs.datasource.pool.maxSize">${datasource.pool.maxSize}</param> <param name="kfs.datasource.pool.maxActive">${datasource.pool.maxActive}</param> <param name="kfs.datasource.validating.query">${datasource.pool.validationQuery}</param> <param name="kfs.datasource.pool.accessToUnderlyingConnectionAllowed">true</param> <param name="kfs.datasource.pool.minIdle">${datasource.pool.minIdle}</param> <param name="kfs.datasource.pool.initialSize">${datasource.pool.initialSize}</param> <param name="kfsLocator.useAppContext">true</param> <!-- KSB remoting service definitions --> <param name="serviceServletUrl">${application.url}/remoting</param> <!-- directory --> <param name="rice.config.directory">/srv/uconn_configs/rice-config</param> <param name="security.directory" override="false">${rice.config.directory}</param> <param name="settings.directory" override="false">${rice.config.directory}</param> <param name="plugin.dir">${rice.config.directory}/plugins</param> <param name="data.xml.root.location">${rice.config.directory}/kew/xml</param> <param name="attachment.dir.location">${rice.config.directory}/kew_attachments</param> <param name="attachments.directory" override="false">${attachment.dir.location}/${environment}/attachments</param> <param name="attachments.pending.directory" override="false">${attachments.directory}/pending</param> <param name="portal.css.files" override="false">rice-portal/css/portal.css,rice-portal/css/uconn_portal.css,krad/plugins/fancybox/jquery.fancybox-1.3.4.css,krad/plugins/rice/textpopout/popoutTextarea.css,krad/plugins/jgrowl/jquery.jgrowl.css</param> <!-- log4j settings --> <param name="log4j.settings.path">${rice.config.directory}/log4j.properties</param> <param name="log4j.settings.reloadInterval">5</param> <!-- Keystore and Encryption Configuration --> <param name="keystore.file">${rice.config.directory}/rice.keystore</param> <param name="keystore.alias">rice</param> <param name="keystore.password">[keystore password]</param> <!-- parameters for Aes 256 bit encryption --> <param name="encryption.key">[ encryption key ]</param> <param name="other.encryption.key">[ other encryption key ]</param> <!-- Mail Node Configuration --> <param name="mail.relay.server">localhost</param> <param name="mailing.list.batch">mailing.list.batch</param> <!-- CAS integration configuration --> <param name="cas.context.name" override="false">cas</param> <param name="cas.rice.server.name">${application.host}</param> <param name="cas.url">https://login.uconn.edu/${cas.context.name}</param> <param name="cas.require.https">false</param> <param name="cas.validate.password">false</param> <param name="filter.login.class">org.jasig.cas.client.authentication.AuthenticationFilter</param> <param name="filter.login.casServerLoginUrl">${cas.url}/login</param> <param name="filter.login.serverName">${cas.rice.server.name}</param> <param name="filtermapping.login.1">/*</param> <param name="filter.validation.class">org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</param> <param name="filter.validation.casServerUrlPrefix">${cas.url}</param> <param name="filter.validation.serverName">${cas.rice.server.name}</param> <param name="filtermapping.validation.2">/*</param> <param name="filter.caswrapper.class">org.jasig.cas.client.util.HttpServletRequestWrapperFilter</param> <param name="filtermapping.caswrapper.3">/*</param> <!-- end CAS integration configuration --> <!--Dummy Login Filter - use if you don't want to go through CAS <param name="filter.login.class">org.kuali.rice.krad.web.filter.AutoLoginFilter</param> <param name="filtermapping.login.1">/*</param> <param name="filter.login.autouser">dac04010</param> --> <!-- Sample Application Flag --> <param name="sample.enabled">false</param> <param name="dev.mode">false</param> <!-- ldap mappings --> <param name="rice.ldapattr.entityId">uid</param> <param name="rice.ldapattr.principalName">uid</param> <param name="rice.ldap.principalAlwaysActive">true</param> <param name="rice.ldapattr.firstName">givenName</param> <param name="rice.ldapattr.middleName">initials</param> <param name="rice.ldapattr.lastName">sn</param> <param name="rice.ldapattr.fullName">cn</param> <param name="rice.ldapattr.displayName">displayName</param> <param name="rice.ldapattr.title">title</param> <param name="rice.ldapattr.email">mail</param> <param name="rice.ldapattr.phoneNumber">publishedTelephoneNumber</param> <param name="rice.pattern.phoneNumberKimFormat">%s-%s-%s</param> <param name="rice.ldapattr.date.of.birth">uconnPersonDateOfBirth</param> <param name="rice.pattern.phoneNumberLdapRegex">.*([0-9]{3}).*([0-9]{3}).*([0-9]{4})</param> <param name="rice.ldapattr.employeeId">uconnPersonEmplID</param> <param name="rice.ldapattr.payrollId">uconnPersonPayrollID</param> <param name="rice.ldapattr.deptNumber">departmentNumber</param> <param name="rice.ldapattr.deptName">uconnDepartment</param> <param name="rice.ldapattr.employeeType"></param> <param name="rice.ldapattr.employeeStatus"></param> <param name="rice.ldap.employeeTypeMappings"></param> <param name="rice.ldapattr.building">buildingName</param> <param name="rice.ldapattr.street">street</param> <param name="rice.ldapattr.postalAddr">postalAddress</param> <param name="rice.ldapattr.city"></param> <param name="rice.ldapattr.state"></param> <param name="rice.ldapattr.country"></param> <param name="rice.ldapattr.zipCode"></param> <param name="rice.ldapattr.campus">l</param> <param name="rice.ldapattr.primaryAffiliation">eduPersonPrimaryAffiliation</param> <param name="rice.ldapattr.affiliation">eduPersonAffiliation</param> <param name="rice.ldapattr.uconnPerson.affiliation">uconnPersonAffiliation</param> <param name="rice.ldapattr.personEntitlement">eduPersonEntitlement</param> <param name="rice.ldap.affiliationMappings">STAFF=staff,FCLTY=faculty,STDNT=student,AFLT=affiliate</param> <param name="rice.ldap.campusMappings">Storrs=01,Hartford=02,Stamford=03,Torrington=04,Waterbury=05,Avery Point=06,Health Center=07,Extension Services=08</param> <param name="rice.ldap.cityZipMappings">Storrs=06269,Hartford=06117,Stamford=06901,Torrington=06790,Waterbury=06702,Avery Point=06340,Health Center=06030,Extension Services=000000</param> <param name="rice.ldap.defaultCampusCode"></param> <param name="rice.ldap.defaultCityCode"></param> <param name="rice.ldap.defaultStateCode">CT</param> <param name="rice.ldap.defaultCountryCode">US</param> <param name="rice.ldap.defaultZipCode"></param> <param name="rice.ldapattr.unitNumber">uconnUnitNumber</param> <param name="rice.ldapattr.uconnPublished">uconnPublished</param> <param name="rice.ldapattr.uconnPublished.email">uconnPublishedEmail</param> <param name="rice.ldap.objectClass">objectClass</param> <param name="rice.kim.entityTitleLength">20</param> <param name="rice.kim.employee.status.id">employee</param> <param name="rice.ldap.search.limit">5000</param> <!-- additional parameters --> <param name="organization.types">Division=4;VP Cabinet=5;AVP Dean=6;Discipline/Grouping=7;Department=8;Sub-Department 1=9;Sub-Department 2=T</param> <param name="organization.type.xref">executive=Division;unit=VP Cabinet,AVP Dean,Discipline/Grouping;department=Department,Sub-Department 1,Sub-Department 2</param> <param name="rice.default.chart.code">UC</param> <!-- role names for organization routing --> <param name="uconn.routing.departmentRole">Derived Role: UConn Dept Head</param> <param name="uconn.routing.unitRole">Derived Role: UConn Unit Head</param> <param name="uconn.routing.execRole">Derived Role: UConn Exec Head</param> <param name="uconn.routing.univHeadRole">Derived Role: UConn University Head</param> <param name="uconn.routing.subDeptRole">Derived Role: UConn SubDept Head</param> <param name="uconn.workflow.viewerRole">Derived Role: UConn Workflow Document Viewer</param> <param name="uconn.workflow.subDeptViewerRole">Derived Role: UConn SubDept Workflow Document Viewer</param> <param name="uconn.workflow.deptViewerRole">Derived Role: UConn Dept Workflow Document Viewer</param> <param name="uconn.workflow.unitViewerRole">Derived Role: UConn Unit Workflow Document Viewer</param> <param name="uconn.workflow.execViewerRole">Derived Role: UConn Exec Workflow Document Viewer</param> <!-- LDAP connection --> <param name="rice.ldap.username">uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu</param> <param name="rice.ldap.password">[ ldap password ]</param> <param name="rice.ldap.url">ldap://ldap.uconn.edu</param> <param name="rice.ldap.base">dc=uconn,dc=edu</param> <!-- KPS-598 Jaggaer Single Sign On (SSO) - Roles and Orgs --> <param name="ldap.wrt.username">uid=uits-kuali,ou=accounts,ou=ldap,dc=uconn,dc=edu</param> <param name="ldap.wrt.password">[ ldap password </param> <param name="ldap.wrt.url">ldap://master.ldap.uconn.edu</param> <param name="ldap.wrt.base">dc=uconn,dc=edu</param> <!-- additional parameters --> <param name="organization.types">Division=4;VP Cabinet=5;AVP Dean=6;Discipline/Grouping=7;Department=8;Sub-Department 1=9;Sub-Department 2=T</param> <param name="organization.type.xref">executive=Division;unit=VP Cabinet,AVP Dean,Discipline/Grouping;department=Department,Sub-Department 1,Sub-Department 2</param> <param name="rice.default.chart.code">UC</param> <!-- role names for organization routing --> <param name="uconn.routing.departmentRole">Derived Role: UConn Dept Head</param> <param name="uconn.routing.unitRole">Derived Role: UConn Unit Head</param> <param name="uconn.routing.execRole">Derived Role: UConn Exec Head</param> <param name="uconn.routing.univHeadRole">Derived Role: UConn University Head</param> <param name="uconn.routing.subDeptRole">Derived Role: UConn SubDept Head</param> <param name="uconn.workflow.viewerRole">Derived Role: UConn Workflow Document Viewer</param> <param name="uconn.workflow.subDeptViewerRole">Derived Role: UConn SubDept Workflow Document Viewer</param> <param name="uconn.workflow.deptViewerRole">Derived Role: UConn Dept Workflow Document Viewer</param> <param name="uconn.workflow.unitViewerRole">Derived Role: UConn Unit Workflow Document Viewer</param> <param name="uconn.workflow.execViewerRole">Derived Role: UConn Exec Workflow Document Viewer</param> <!-- rice module configuration --> <param name="kim.mode" override="false">LOCAL</param> <!-- uconn module configuration --> <param name="uconn.url" override="false">${application.url}/uconn</param> <param name="uconn.mode" override="false">LOCAL</param> <param name="uconn.soapExposedService.jaxws.security">false</param> <param name="uconn.ldapService.jaxws.security">false</param> <!-- webservice --> <param name="kim.soapExposedService.jaxws.security">false</param> <param name="rice.ksb.serviceRegistry.security">true</param> <!-- Allowed values for request parameter backLocation To prevent nefarious hacking using the request parameter Rice only allows certain values for the 'backLocation' request parameter. This creates a problem for developers running KFS locally and pointing to the standalone Rice server. Comment out the 'non production environments' block for production servers and conversely the ' non production environments' block for other environments. --> <param name="rice.backLocation.default.url">${application.url}</param> <!-- non production environments --> <param name="rice.dev.backLocation">http://localhost:8080</param> <param name="rice.backLocation.allowed.regex">^(${application.url}|${kfs.url}|${rice.appserver.url}|${rice.dev.backLocation})(/.*|)</param> <!--end non production environments --> <!-- production environments --> <param name="rice.backLocation.allowed.regex">^(${application.url}|${kfs.url}|${rice.appserver.url})(/.*|)</param> <!-- end production environments --> <!-- additional spring beans files --> <param name="rice.kr.additionalSpringFiles">classpath:edu/uconn/kuali/rice/config/UConnKrOverrideSpringBeans.xml</param> <param name="rice.kew.additionalSpringFiles">classpath:edu/uconn/kuali/rice/config/UConnKewOverrideSpringBeans.xml</param> <param name="rice.ksb.additionalSpringFiles">classpath:edu/uconn/kuali/rice/config/UConnKsbOverrideSpringBeans.xml</param> <param name="rice.kim.additionalSpringFiles">classpath:org/kuali/rice/kim/config/KIMLdapSpringBeans.xml,classpath:edu/uconn/kuali/rice/config/UConnKimOverrideSpringBeans.xml</param> <!-- end additional spring beans files --> <!-- quartz --> <param name="useQuartzDatabase">true</param> </config> |
...
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5084.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5135.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5989.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-443.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5164.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5237.xml
- /uconn/upgrade-kfs7/workflow-upgrades/FINI-5331.xml
- /uconn/upgrade-kfs7/workflow-upgrades/KS-PS-455-CLOS.xml/
- /uconn/upgrade-kfs7/workflow-upgrades/KS-PS-455-INST.xml
- /uconn/upgrade-kfs7/workflow-upgrades/AccountsReceivableMaintenanceDocuments.xml
- /uconn/upgrade-kfs7/workflow-upgrades/AccountsReceivableSimpleMaintenanceDocuments.xml
- /uconn/upgrade-kfs7/workflow/AccountsReceivableTransactionalDocuments.xml
- /uconn/upgrade-kfs7/workflow-upgrades/ChartSimpleMaintenanceDocuments.xml
- uconn/upgrade-kfs7/workflow-upgrades/ContractsAndGrantsSimpleMaintenanceDocuments.xml
Upload UConn logo
From KFS menu Syatem >> Institutional Configuration → Branding → click box "Drag & drop logo here or click to select a logo to upload." and navigate to /uconn-kfs/uconn/upgrade-kfs7/uconn-wordmark-side-blue-gray.png and click "Open". Logo will appear in "Branding" box...click "Apply".
...
Due to the separation of Rice and KFS to separate Tomcat instances the WSDLs in the config file must change to reflect the Rice server url
Edit the /srv/uconn_configs/workflow/conf/workflow_clientapp.xml file and change the wsdl parmeters from .../kfs-prd/remoting /... to ../kr-prd/remoting/... as in the following example
Code Block | ||||
---|---|---|---|---|
| ||||
<!-- production --> <param name="application.url">https://prd.aeweb.uconn.edu/dtw</param> <param name="encryption.key">7IC64w6ksLU</param> <param name="keystore.alias">rice</param> <param name="keystore.file">/srv/uconn_configs/rice-config/rice.keystore</param> <param name="keystore.password">r1c3pw</param> <param name="clientapp.environment">dev</param> <param name="production.environment.code">prd</param> <param name="dtw.export.file.path">/home/dtw/</param> <param name="engine.url">https://kualinp.uconn.edu/kr-prd</param> <!-- https://kualinp.uconn.edu/kfs-updev/remoting --> <!-- externalized configuration for worklow --> <param name="group.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/kim/v2_0/groupService?wsdl</param> <param name="role.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/kim/v2_0/roleService?wsdl</param> <param name="workflow.srvc.wsdl">https://kuali.uconn.edu/kr-prd//remoting/soap/uconn/v2_0/ucWorkFlowWsService?wsdl</param> <param name="ldap.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/uconn/v2_0/uconnLdapService?wsdl</param> <param name="mud.srvc.wsdl">https://kuali.uconn.edu/kr-prd/remoting/soap/uconn/v2_0/ucMudOrgWsService?wsdl</param> <param name="mail.smtp.host">smtp.uconn.edu</param> <param name="mail.prop.name">mail.smtp.host</param> <param name="mail.from.addr">noreply@uconn.edu</param> </configconfig> |