Configuration

Local

  • Install Apache Tomcat 9
  • Install Java 11
  • Add -Dlog4j.configurationFile=/srv/uconn_configs/kfs-config/log4j2.json -Doracle.jdbc.DateZeroTime=true to JVM properties

Server

  • Install Apache Tomcat 9
  • Install Java 11
  • Add -Dlog4j.configurationFile=/srv/uconn_configs/kfs-config/log4j2.json -Doracle.jdbc.DateZeroTime=true to JVM properties
  • CATALINA_OPTS - Replace MaxPermSize wirh MaxMetaspaceSize

  • JAVA_OPTS - Replace MaxPermSize wirh MaxMetaspaceSize

  • Update the /usr/lib/systemd/system/tomcat.service with lastes oracle client information as follows


KFS configuration files

Delete /srv/uconn_configs/kfs-config/security/rice.keystore *** no longer necessary

There are several changes to the kfs-external-config.properties files

kfs-external-config.properties
[dac04010admin@updev ~]$ sudo cat /srv/uconn_configs/kfs-external-config.properties
########################################
# Environment specific changes begin
########################################

#Set this to the deployed environment. Local=dev, updev=updev, ups=ups etc.
environment=updev

##Set the KFS appserver url
##
## production
###appserver.url=https://kuali.uconn.edu
##
## all non-production
appserver.url=https://kualinp.uconn.edu

########################################
# Environment specific changes end
########################################

## apis.enabled determines whether REST APIs are accessible from an outside client
apis.enabled=true

#api.business.objects.max.results=250
maintainable.conversion.rule.file=classpath:/edu/uconn/kuali/kfs/sys/config/MaintainableXMLUpgradeRules.xml
app.code=kfs

application.host=${appserver.url}
context.names.app=${app.code}-${environment}
context.names.kfs=${app.code}-${environment}
app.context.name=${context.names.app}
base.url=${appserver.url}
application.url=${appserver.url}/${context.names.kfs}
application.id=KFS

# this property can be used to turn p6spy logging on and off (we use p6spy to log the sql generated by ojb)
use.p6spy=true
# this property can be used to turn on eclipselink jpa logging
eclipselink.logging.level=FINE
#
# Directories
#
base.directory=/srv/uconn_configs/kfs-config
work.directory=${base.directory}/work
staging.directory=${work.directory}/staging
security.directory=${base.directory}/security
staging.directory.sys.batchContainer=${staging.directory}/sys/batchContainer
reports.directory=${work.directory}/reports
security.property.file=file:/srv/uconn_configs/kfs-config/security/security.properties
templates.directory=${work.directory}/templates

config.url=${appserver.url}/${base.directory}
reports.url=

temp.directory=${work.directory}/temp
logs.directory=${base.directory}/logs
monitoring.directory=${logs.directory}/monitoring
attachments.directory=${base.directory}/work/attachments
attachment.dir.location=${attachments.directory}
attachments.pending.directory=${attachments.directory}/pending
settings.directory=${base.directory}/settings
data.xml.root.location=${base.directory}/work/staging/workflow
data.xml.pending.location=${base.directory}/work/staging/workflow/pending
data.xml.loaded.location=${base.directory}/work/staging/workflow/loaded
data.xml.problem.location=${base.directory}/work/staging/workflow/problem
log4j.settings.path=file:/srv/uconn_configs/kfs-config/log4j.properties

log4j.settings.file=file:/srv/uconn_configs/kfs-config/log4j.properties
batch.file.lookup.root.directories=${base.directory}/work/staging;${base.directory}/work/reports
temp.directory=${work.directory}/temp
cache.service.bus.security.enabled=true
contracts.grants.billing.enabled=false
csrf.enabled=false
kew.callback.service.bus.security.enabled=true
dev.mode=false
kfs.mode=LOCAL

feedback.link.url=

#jwt.expiration.seconds=86400

connection.pool.impl=BitronixXa
datasource=kfsDataSource${connection.pool.impl}

# kfs
kfs.locale=en_US

log4j.reload.minutes=5

login.filter.className=org.kuali.kfs.sys.web.filter.DevelopmentLoginFilter
data.dictionary.validate=true
classpath.resource.prefix=/WEB-INF/classes/

#mail.smtp.connectiontimeout=10000
#mail.smtp.timeout=10000
#message.queue.url=MessageQueue.do
module.access.security.enabled=true
module.accounts.receivable.enabled=true
module.capital.asset.enabled=true
module.contracts.and.grants.enabled=true
module.labor.distribution.enabled=true
module.purchasing.enabled=true

#periodic.thread.dump=true
#periodic.thread.dump.seconds=300
production.environment.code=prd


#skip.batch.directory.initiation=false
soap.service.default.service.bus.security.enabled=false

#thread.pool.url=ThreadPool.do
transaction.timeout=100000

# UCONN CAS server URL for rics
cas.context.name=cas
cas.url=https://login.uconn.edu/cas
cas.login.url=${cas.url}/login
cas.server.url.prefix=https://login.uconn.edu/cas
cas.server.login.url=https://login.uconn.edu/cas/login
cas.server.name=${application.url}
cas.require.https=false
cas.validate.password=false
cas.validate.url=${cas.url}/serviceValidate
cas.require.https" override="false=false
cas.validate.password=false


default.chart.code=UC

# since rice is defaulting the environment to dev and not allowing override, we can't just use ${environment}
build.environment=${environment}

workflow.documentsearch.base.url=${application.url}/DocumentSearch.do?docFormKey=88888888&returnLocation=${application.url}/portal.do&hideReturnLink=true

externalizable.static.content.url=${application.url}/static
externalizable.images.url=${externalizable.static.content.url}/images/
externalizable.help.url=${externalizable.static.content.url}/help/
externalizable.help.url.default=default.htm

batch.transaction.timeout=500000

# Email Properties
mail.relay.server=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
mailing.list.batch=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]

KualiExceptionIncidentServiceImpl.REPORT_MAIL_LIST=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
mail.smtp.host=[[Please set this in your C:/Users/rlr15105/kfs-build.properties file.]]
mail.transport.protocol=smtp
real.notifications.enabled=true
nonproduction.notification.mailing.list=


# KIM Properties
kim.show.blank.qualifiers=true

session.document.cache.size = 1000

# log4j file for Rice

# Unifier Integration Properties
unifier.security.enabled=false
unifier.api.url=${unifier.test.api.url}
#
#
# ldap mapping information
#
ldap.attr.entityId=uid
ldap.attr.principalName=uid

ldap.attr.firstName=givenName
ldap.attr.middleName=initials
ldap.attr.lastName=sn
ldap.attr.fullName=cn
ldap.attr.displayName=displayName
ldap.attr.title=title
ldap.attr.email=mail
ldap.attr.phoneNumber=publishedTelephoneNumber
ldap.attr.date.of.birth=uconnPersonDateOfBirth
ldap.attr.employeeId=uconnPersonEmplID
ldap.attr.payrollId=uconnPersonPayrollID
ldap.attr.deptNumber=departmentNumber
ldap.attr.deptName=uconnDepartment
ldap.attr.employeeType=
ldap.attr.employeeStatus=
ldap.attr.building=buildingName
ldap.attr.street=street
ldap.attr.postalAddr=postalAddress
ldap.attr.postalCode=postalCode
ldap.attr.registeredAddr=registeredAddress
ldap.attr.city=
ldap.attr.state=st
ldap.attr.country=
ldap.attr.zipCode=
ldap.attr.campus=l
ldap.attr.primaryAffiliation=eduPersonPrimaryAffiliation
ldap.attr.affiliation=eduPersonAffiliation
ldap.attr.uconnPerson.affiliation=uconnPersonAffiliation
ldap.attr.uconnPublished=uconnPublished
ldap.attr.uconnPublished.email=uconnPublishedEmail
ldap.attr.personEntitlement=eduPersonEntitlement
ldap.attr.unit=uconnUnit
##
ldap.defaultCountryCode=US
ldap.objectClass=objectClass
ldap.campusMappings=Storrs=01,Hartford=02,Stamford=03,Torrington=04,Waterbury=05,Avery Point=06,Health Center=07,Extension Services=08 \u00a0 \u00a0 \u00a0
ldap.cityZipMappings=Storrs=06269,Hartford=06117,Stamford=06901,Torrington=06790,Waterbury=06702,Avery Point=06340,Health Center=06030,Extension Services=000000
ldap.defaultCampusCode=
ldap.defaultCityCode=
ldap.defaultStateCode=CT
ldap.defaultCountryCode=US
ldap.defaultZipCode=
ldap.search.limit=5000
ldap.ids.to.skip=2,KFS2,kr,kfs,admin,notsys
ldap.student.affiliation=student
ldap.pattern.phoneNumberKimFormat=%s-%s-%s
ldap.pattern.phoneNumberLdapRegex=.*([0-9]{3}).*([0-9]{3}).*([0-9]{4})
ldap.principalAlwaysActive=true
ldap.employeeTypeMappings=
ldap.employeeStatusMappings=true=A,false=T
ldap.affiliationMappings=STAFF=staff,FCLTY=faculty,STDNT=student,AFLT=affiliate
kim.entityTitleLength=20

skip.batch.directory.initiation=false

# indicates whether schema validation should be built from data dictionary, otherwise validation is basic xsd types only
use.dd.schema.validation=false

the institution specific css files that should be available to every non-portal page in the application
# IMPORTANT! The env.css might need to be removed in production.
institution.portal.css.files=,css/uconn_portal.css,css/env.css

unifier.production.security.enabled=true
unifier.test.security.enabled=true
unifier.production.api.url=http://pu.grove.ad.uconn.edu/UnifierWS
unifier.test.api.url=http://puint.grove.ad.uconn.edu/UnifierWS

userOptions.default.emailAgingNotification3=30 days

# B2B Integration Propertiessys/api/v1/system/environment
b2b.environment=test
b2b.punch.back.action.forwarding.url=/portal.do?channelTitle=Requisition&channelUrl=purapRequisition.do?methodToCall=displayB2BRequisition
b2b.punch.back.url=${application.url}/b2b.do?methodToCall=returnFromShopping
b2b.punch.out.url=http://usertest.sciquest.com/apps/Router/ExternalAuth/cXML/UCONN
b2b.purchase.order.url=https://usertest-messages.sciquest.com/apps/Router/POXMLImport
#
#Jaggaer Huskybuy url properties.
b2b.prvalidation.url=${b2b.test.prvalidation.url}
b2b.custom.field.url=${b2b.test.custom.field.url}
b2b.supplier.sync.url=${b2b.test.supplier.sync.url}
b2b.invoice.status.url=${b2b.test.invoice.status.url}
b2b.user.url=${b2b.test.user.url}
b2b.requisition.url=${b2b.test.requisition.url}
b2b.jaggaer.url=${b2b.test.jaggaer.url}
jaggear.urn=urn:sciquest.com:solutions.sciquest.com:
#
# script runner 
repository.uri=https://bitbucket.uconn.edu/scm/kfs/dbscripts.git
repository.uri.test=https://bitbucket.uconn.edu/scm/kfs/dbscripts-test.git
repository.local=${base.directory}/work/git-repository/dbscripts
repository.user=KFSScriptRunner
repository.password=kFs@Scri9t3
kfs.script.repository=kfs-scripts
kfs.otf.script.file.path=${base.directory}/work/scriptRunner/kfs_OtfScrips.sql
script.archive.path=/archive
sqlplus.service.name=@KFSORA.world
#sqlplus.service.name=@KFSUPDEV.world 
sqlplus.path=/usr/lib/oracle/12.2/client64/bin/sqlplus

# aim
aim.api.url=${aim.test.api.url}
unifier.api.url=${unifier.test.api.url}

#
# concur
#
aeweb.travel.test.url=https://dev.aeweb.uconn.edu:8058
aeweb.travel.prod.url=https://prd.aeweb.uconn.edu:8058
aeweb.hris.test.url=https://dev.aeweb.uconn.edu:8057
aeweb.hris.prod.url=https://prd.aeweb.uconn.edu:8057

aeweb.travel.api.url=${aeweb.travel.test.url}
aeweb.hris.api.url=${aeweb.hris.test.url}
## gpg
concur.gpg.public.key.file=${security.directory}/pubring.gpg
concur.gpg.private.key.file=${security.directory}/secret-keys.gpg
## directories
concur.archive.directory=${staging.directory}/concur/archive
concur.export.directory=${staging.directory}/concur/export
concur.import.directory=${staging.directory}/concur/import
concur.extract.directory=${staging.directory}/concur/extract
concur.sftp.import.directory=out/
concur.sftp.export.directory=in/
concur.encrypt.file.extension=.txt.gpg
concur.decrypt.file.extension=.txt

concur.oauth2.test.endpoint=https://us-impl.api.concursolutions.com/oauth2/v0/token
concur.oauth2.prod.endpoint=https://us.api.concursolutions.com/oauth2/v0/token
concur.oauth2.endpoint=${concur.oauth2.test.endpoint}
concur.oauth2.location=us.api.concursolutions.com
[dac04010admin@updev ~]$ 




to JVM properties