Versions Compared

Old Version 3

changes.mady.by.user Charles Kiplagat

Saved on

compared with

New Version 4

changes.mady.by.user Charles Kiplagat

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This was written for DSpace Version 1.4.1.

Background

The Java Servlet 2.4 specification, also known as JSR 154, defines an environment in which Java Servlets are run to provide services through a Web server. It standardizes the configuration (at the container level) as well as an API, and a packaging/delivery mechanism (WAR files).

...

DSpace is deployed as a conforming Java Servlet that can be expected to run in any servlet container implementing the correct version of the servlet spec.

See Also

  • Consult the DspaceOnStandardPorts page for details about setting up your server so a Java Servlet container responds to the standard HTTP and HTTPS ports.
  • Read the DSpace system documentation for your release:
    • Be familiar with the configuration procedure for the Web UI
    • It also contains some details about installing and configuring Tomcat for SSL.

Configuring Tomcat 5.0

This section has details for Apache Tomcat 5.0, which may need alteration for later releases of Tomcat.

...

  1. Configure Tomcat with an HTTP port and an HTTPS port to which it can automatically redirect servlets that require encryption.
  2. Modify the webapp configuration file for the DSpace Web UI to demand encryption on the sensitive pages.
  3. Deploy and test.

Tomcat Server Configuration

First get familiar with how a Tomcat server is configured.

...

Don't forget to check the Tomcat SSL how-to for everything else you'll need to configure to implement SSL on Tomcat.

Webapp Configuration

To configure your webapp, you have to modify the web.xml configuration file. In the running server, this will be in the relative path WEB-INF/web.xml under the webapp's directory, e.g. tomcat/webapps/dspace/WEB-INF/web.xml. However, it comes from the WAR file when that is deployed, so to change it permanently you'll have to go to the DSpace source directory.

...

After modifying the web.xml file, rebuild the WAR files and deploy the new dspace.war, and restart the servlet container so you can be sure it is the running version of the webapp.

Final steps

If this proves useful, consider making a patch to include the security-constraint element as a commented-out section in the copy of etc/dspace-web.xml in the DSpace source, so a site administrator could enable it by removing the comments.