Versions Compared

Old Version 39

changes.mady.by.user Hardy Pottinger

Saved on

compared with

New Version 61

changes.mady.by.user Mark H. Wood

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated for new GeoLite2-City database.

...

Maven is necessary in the first stage of the build process to assemble the installation package for your DSpace instance. It gives you the flexibility to customize DSpace using the existing Maven projects found in the [dspace-source]/dspace/modules directory or by adding in your own Maven project to build the installation package for DSpace, and apply any custom interface "overlay" changes.

Note
title*

If you will be building the Mirage 2 theme, you will need Maven 3.3.9 or above (see DS-2458 for details as to why).

...

  • Apache Tomcat 7 or later. Tomcat can be downloaded from the following location: http://tomcat.apache.org.
    • The Tomcat owner (i.e. the user that Tomcat runs as)  must have read/write access to the DSpace installation directory (i.e. [dspace])There are a few common ways this may be achieved:

      • One option is to specifically give the Tomcat user (often named "tomcat") ownership of the [dspace] directories, for example:

        Code Block
        # Change [dspace] and all subfolders to be owned by "tomcat"
chown -R tomcat:tomcat [dspace]


      • Another option is to have Tomcat itself run as a new user named "dspace" (see installation instructions below).  Some operating systems make modifying the Tomcat "run as" user easily modifiable via an environment variable named TOMCAT_USER.  This option may be more desireable if you have multiple Tomcat instances running, and you do not want all of them to run under the same Tomcat owner.
    • You need to ensure that Tomcat has a) enough memory to run DSpace and b) uses UTF-8 as its default file encoding for international character support. So ensure in your startup scripts (etc) that the following environment variable is set: JAVA_OPTS="-Xmx512M -Xms64M -Dfile.encoding=UTF-8"

    • Modifications in [tomcat]/conf/server.xml : You also need to alter Tomcat's default configuration to support searching and browsing of multi-byte UTF-8 correctly. You need to add a configuration option to the <Connector> element in [tomcat]/config/server.xml: URIEncoding="UTF-8" e.g. if you're using the default Tomcat config, it should read:

      Code Block
      languagehtml/xml
      <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080
    • Note that DSpace will need to run as the same user as Tomcat, so you might want to install and run Tomcat as a user called 'dspace'. Set the environment variable TOMCAT_USER appropriately.
    • You need to ensure that Tomcat has a) enough memory to run DSpace and b) uses UTF-8 as its default file encoding for international character support. So ensure in your startup scripts (etc) that the following environment variable is set: JAVA_OPTS="-Xmx512M -Xms64M -Dfile.encoding=UTF-8"

    • Modifications in [tomcat]/conf/server.xml : You also need to alter Tomcat's default configuration to support searching and browsing of multi-byte UTF-8 correctly. You need to add a configuration option to the <Connector> element in [tomcat]/config/server.xml: URIEncoding="UTF-8" e.g. if you're using the default Tomcat config, it should read:

      Code Block
      languagehtml/xml
      <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080"
              maxThreads="150"
              minSpareThreads="25"
              maxSpareThreads="75"
              enableLookups="false"
              redirectPort="8443"
              acceptCountminSpareThreads="10025"
              connectionTimeoutenableLookups="20000false"
              disableUploadTimeoutredirectPort="true8443"
              URIEncodingconnectionTimeout="UTF-8"20000"
              disableUploadTimeout="true"
              URIEncoding="UTF-8"/>

      You may change the port from 8080 by editing it in the file above, and by setting the variable CONNECTOR_PORT in server.xml.  You should set the URIEncoding even if you are running Tomcat behind a proxy (Apache HTTPD, Nginx, etc.) via AJP.

    • Tomcat 8 and above is using at least Java 1.7 for JSP compilation. However, by default, Tomcat 7 uses Java 1.6 for JSP compilation. If you want to use Java 1.7 in your .jsp files, you have to change the configuration of Tomcat 7. Edit the file called web.xml in the configuration directory of your Tomcat instance (${CATALINA_HOME}/conf in Tomcat notation). Look for a servlet definition using the org.apache.jasper.servlet.JSPServlet servlet-class and add two init parameters compilerSourceVM and compilerTargetVM as you see it in the example below. Then restart Tomcat.

      Code Block
      languagexml
      title${CATALINA_BASE}/conf/web.xml
       <servlet>
        <servlet-name>jsp</servlet-name>
        <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
        <init-param>
            <param-name>fork</param-name>
            <param-value>false</param-value>
        </init-param>
        <init-param>
            <param-name>xpoweredBy</param-name>
            <param-value>false</param-value>
        </init-param>
        <init-param>
            <param-name>compilerSourceVM</param-name>
            <param-value>1.7</param-value>
        </init-param>
        <init-param>
            <param-name>compilerTargetVM</param-name>
            <param-value>1.7</param-value>
        </init-param>
        <load-on-startup>3</load-on-startup>
    </servlet>


  • Jetty or Caucho Resin DSpace will also run on an equivalent servlet Engine, such as Jetty (httphttps://www.mortbayeclipse.org/jetty/index.html) or Caucho Resin (http://www.caucho.com/). Jetty and Resin are configured for correct handling of UTF-8 by default.

Installation Instructions

Overview of Install Options

Git (code version control)

Currently, there is a known bug in DSpace 6.x where a third-party Maven Module expects git to be available (in order to support the ./dspace version commandline tool).  We are working on a solution within this ticket: 

Jira
serverDuraSpace JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDS-3418

For the time being, you can work around this problem by installing Git locally: https://git-scm.com/downloads

Installation Instructions

Overview of Install Options

Two different distributions are available for DSpace, both of which require you to build the distribution using Apache Maven 3. The steps that are required to execute the build are identical. In a Two different distributions are available for DSpace, both of which require you to build the distribution using Apache Maven 3. The steps that are required to execute the build are identical. In a nutshell, the binary release build will download pre-compiled parts of DSpace, while the building the source release will compile most of DSpace's source code on your local machine. 

...

This method gets you up and running with DSpace quickly and easily. It is identical in both the Default Release and Source Release distributions.

  1. Create the DSpace user . This needs to be the same user that (optional) .  As noted in the prerequisites above, Tomcat (or Jetty, etc.) will run as. e.g. as root run must run as an operating system user account that has full read/write access to the DSpace installation directory (i.e. [dspace]).  Either you must ensure the Tomcat owner also owns [dspace], OR you can create a new "dspace" user account, and ensure that Tomcat also runs as that account:

    Code Block
    useradd -m dspace


  2. Download the latest DSpace release. There are two version available with each release of DSpace: (dspace-n.x-release. and dspace-n.x-src-release.zzz); you only need to choose one. If you want a copy of all underlying Java source code, you should download the dspace-n.x-src-release.xxxWithin each version, you have a choice of compressed file format. Choose the one that best fits your environment.
    1. Alternatively, you may choose to check out the latest release from the DSpace GitHub Repository.  In this case, you'd be checking out the full Java source code.  You'd also want to be sure to checkout the appropriate tag or branch. For more information on using / developing from the GitHub Repository, see: Development with Git
  3. Unpack the DSpace software. After downloading the software, based on the compression file format, choose one of the following methods to unpack your software:

    1. Zip file. If you downloaded dspace-6.x-release.zip do the following:

      Code Block
      unzip dspace-6.x-release.zip


    2. .gz file. If you downloaded dspace-6.x-release.tar.gz do the following:

      Code Block
      gunzip -c dspace-6.x-release.tar.gz | tar -xf -


    3. .bz2 file. If you downloaded _dspace-6.x-release.tar.bz do the following:

      Code Block
      bunzip2 dspace-6.x-release.tar.bz | tar -xf -

      For ease of reference, we will refer to the location of this unzipped version of the DSpace release as [dspace-source] in the remainder of these instructions. After unpacking the file, the user may wish to change the ownership of the dspace-6.x-release to the "dspace" user. (And you may need to change the group).

  4. Database Setup
    • Also see "Relational Database" prerequisite notes above
    • PostgreSQL:
      • A PostgreSQL JDBC driver is configured as part of the default DSpace build. You no longer need to copy any PostgreSQL jars to get PostgreSQL installed.

      • Create a dspace database user (this user can have any name, but we'll assume you name them "dspace"). This is entirely separate from the dspace operating-system user created above:

        Code Block
        createuser --username=postgres --no-superuser --pwprompt dspace

        You will be prompted (twice) for a password for the new dspace user.  Then you'll be prompted for the password of the PostgreSQL superuser (postgres).

      • Create a dspace database, owned by the dspace PostgreSQL user. Similar to the previous step, this can only be done by a "superuser" account in PostgreSQL (e.g. postgres):

        Code Block
        createdb --username=postgres --owner=dspace --encoding=UNICODE dspace

        You will be prompted for the password of the PostgreSQL superuser (postgres).

      • Finally, you MUST enable the pgcrypto extension on your new dspace database.  Again, this can only be enabled by a "superuser" account (e.g. postgres)

        Code Block
        # Login to the database as a superuser, and enable the pgcrypto extension on this database
psql --username=postgres dspace -c "CREATE EXTENSION pgcrypto;"

        The "CREATE EXTENSION" command should return with no result if it succeeds. If it fails or throws an error, it is likely you are missing the required pgcrypto extension (see Database Prerequisites above).

        • Alternative method: How to enable pgcrypto via a separate database schema. While the above method of enabling pgcrypto is perfectly fine for the majority of users, there may be some scenarios where a database administrator would prefer to install extensions into a database schema that is separate from the DSpace tables. Developers also may wish to install pgcrypto into a separate schema if they plan to "clean" (recreate) their development database frequently. Keeping extensions in a separate schema from the DSpace tables will ensure developers would NOT have to continually re-enable the extension each time you run a "./dspace database clean". If you wish to install pgcrypto in a separate schema here's how to do that:

          Code Block
          # Login to the database as a superuser
psql --username=postgres dspace
# Create a new schema in this database named "extensions" (or whatever you want to name it)
CREATE SCHEMA extensions;
# Enable this extension in this new schema
CREATE EXTENSION pgcrypto SCHEMA extensions;
# DetermineGrant whatrights yourto database "search_path" is set to
# (the search_path is where your database will look for extensions)
SHOW search_path;
# Update your databasecall functions in the extensions schema to your dspace user
GRANT USAGE ON SCHEMA extensions TO dspace;


# Append "extensions" on the current session's "search_path" to(if alsoit searchdoesn't thealready newexist "extensions" schema. in search_path)
# You are just appending it onThe "search_path" config is the endlist of theschemas that existingPostgres comma-separated list.
ALTER DATABASE dspace SET search_path TO [existing-search_path-list],extensions;
# Grant rights to call functions in the extensions schema to your dspace user
GRANT USAGE ON SCHEMA extensions TO dspacewill use
SELECT set_config('search_path',current_setting('search_path') || ',extensions',false) WHERE current_setting('search_path') !~ '(^|,)extensions(,|$)';
# Verify the current session's "search_path" and make sure it's correct
SHOW search_path;
# Now, update the "dspace" Database to use the same "search_path" (for all future sessions) as we've set for this current session (i.e. via set_config() above)
ALTER DATABASE dspace SET search_path FROM CURRENT;


    • Oracle:

      • Setting up DSpace to use Oracle is a bit different now. You will need still need to get a copy of the Oracle JDBC driver, but instead of copying it into a lib directory you will need to install it into your local Maven repository. (You'll need to download it first from this location: http://www.oracle.com/technetwork/database/enterprise-edition/jdbc-112010-090769.html.) Run the following command (all on one line):

        Code Block
        mvn install:install-file
    -Dfile=ojdbc6.jar
    -DgroupId=com.oracle
    -DartifactId=ojdbc6
    -Dversion=11.2.0.4.0
    -Dpackaging=jar
    -DgeneratePom=true


      • You need to compile DSpace with an Oracle driver (ojdbc6.jar) corresponding to your Oracle version - update the version in [dspace-source]/pom.xml  E.g.:

        Code Block
        languagehtml/xml
        <dependency>
  <groupId>com.oracle</groupId>
  <artifactId>ojdbc6</artifactId>
  <version>11.2.0.4.0</version>
</dependency>


      • Create a database for DSpace. Make sure that the character set is one of the Unicode character sets. DSpace uses UTF-8 natively, and it is required that the Oracle database use the same character set. Create a user account for DSpace (e.g. dspace) and ensure that it has permissions to add and remove tables in the database.

      • NOTE: You will need to ensure the proper db.* settings are specified in your local.cfg file (see next step), as the defaults for all of these settings assuming a PostgreSQL database backend.

        Code Block
        db.url = jdbc:oracle:thin:@host:port/SID
# e.g. db.url = jdbc:oracle:thin:@//localhost:1521/xe
# NOTE: in db.url, SID is the SID of your database defined in tnsnames.ora
# the default Oracle port is 1521
# You may also use a full SID definition, e.g.
# db.url = jdbc:oracle:thin:@(description=(address_list=(address=(protocol=TCP)(host=localhost)(port=1521)))(connect_data=(service_name=DSPACE)))

# Oracle driver and dialect
db.driver = oracle.jdbc.OracleDriver
db.dialect = org.hibernate.dialect.Oracle10gDialect

# Specify DB username, password and schema to use
db.username =
db.password =
db.schema = ${db.username}
# For Oracle, schema is equivalent to the username of your database account,
# so this may be set to ${db.username} in most scenarios

         

         

      • Later, during the Maven build step, don't forget to specify mvn -Ddb.name=oracle package

  5. Initial Configuration (local.cfg):  Create your own [dspace-source]/dspace/config/local.cfg configuration file (you may wish to simply copy the provided [dspace-source]/dspace/config/local.cfg.EXAMPLE). This local.cfg file can be used to store any configuration changes that you wish to make which are local to your installation (see local.cfg configuration file documentation). ANY setting may be copied into this local.cfg file from the dspace.cfg or any other *.cfg file in order to override the default setting (see note below).  For the initial installation of DSpace, there are some key settings you'll likely want to override, those are provided in the [dspace-source]/dspace/config/local.cfg.EXAMPLE. (NOTE: Settings followed with an asterisk (*) are highly recommended, while all others are optional during initial installation and may be customized at a later time)
    • dspace.dir* - must be set to the [dspace] (installation) directory  (NOTE: On Windows be sure to use forward slashes for the directory path!  For example: "C:/dspace" is a valid path for Windows.)
    • dspace.hostname - fully-qualified domain name of web server (or "localhost" if you just want to run DSpace locally for now)
    • dspace.baseUrl* - complete URL of this server's DSpace home page (including port), but without any context eg. /xmlui, /oai, etc.
    • dspace.name - "Proper" name of your server, e.g. "My Digital Library".
    • solr.server* - complete URL of the Solr server. DSpace makes use of Solr for indexing purposes.  
    • default.language - Default language for all metadata values (defaults to "en_US")
    • db.url* - The full JDBC URL to your database (examples are provided in the local.cfg.EXAMPLE)
    • db.driver* - Which database driver to use, based on whether you are using PostgreSQL or Oracle
    • db.dialect* - Which database dialect to use, based on whether you are using PostgreSQL or Oracle
    • db.username* - the database username used in the previous step.
    • db.password* - the database password used in the previous step.
    • db.schema* - the database scheme to use (examples are provided in the local.cfg.EXAMPLE)
    • mail.server - fully-qualified domain name of your outgoing mail server.
    • mail.from.address - the "From:" address to put on email sent by DSpace.
    • mail.feedback.recipient - mailbox for feedback mail.
    • mail.admin - mailbox for DSpace site administrator.
    • mail.alert.recipient - mailbox for server errors/alerts (not essential but very useful!)

    • mail.registration.notify- mailbox for emails when new users register (optional)

      Info
      titleYour local.cfg file can override ANY settings from other *.cfg files in DSpace

      The provided local.cfg.EXAMPLE only includes a small subset of the configuration settings available with DSpace. It provides a good starting point for your own local.cfg file.

      However, you should be aware that ANY configuration can now be copied into your local.cfg to override the default settings.  This includes ANY of the settings/configurations in:

      • The primary dspace.cfg file ([dspace]/config/dspace.cfg)
      • Any of the module configuration files ([dspace]/config/modules/*.cfg files)

      Individual settings may also be commented out or removed in your local.cfg, in order to re-enable default settings.

      See the Configuration Reference section for more details.


  6. DSpace Directory: Create the directory for the DSpace installation (i.e. [dspace]). As root (or a user with appropriate permissions), run:

    Code Block
    mkdir [dspace]
chown dspace [dspace]

    (Assuming the dspace UNIX username.)

  7. Build the Installation Package: As the dspace UNIX user, generate the DSpace installation package.

    Code Block
    cd [dspace-source]
mvn package


    Info
    titleBuilding with Oracle Database Support

    Without any extra arguments, the DSpace installation package is initialized for PostgreSQL. If you want to use Oracle instead, you should build the DSpace installation package as follows:
    mvn -Ddb.name=oracle package


    Info
    titleEnabling and building the Mirage 2 theme (for XMLUI)

    Mirage 2 is a responsive theme for the XML User Interface, added as a new feature in DSpace 5. It has not yet replaced the Mirage 1 theme as the XMLUI default theme.
    The Mirage 2 build requires git to be installed on your server. Install git before attempting the Mirage 2 build. 

    To enable Mirage 2, add the following to the  <themes>  section of  [dspace-source]/dspace/config/xmlui.xconf , replacing the currently active theme:
     

               
    <theme name="Mirage 2" regex=".*" path="Mirage2/" />

    It is important to do this before executing the maven build.

    Mirage 2 is not yet activated in the default "mvn package" build. To include it as part of the build, run: 

    mvn

    package

    -Dmirage2.on=true

    The speed of this specific step of the build can be increased by installing local copies of the specific dependencies required for building Mirage 2. The Mirage 2 developer documentation provides detailed instructions for these installations. After the installation of these dependencies, you can choose to run:

        
        mvn package -Dmirage2.on=true -Dmirage2.deps.included=false

    Warning Warning: The Mirage 2 build process should NOT be run as "root". It must be run as a non-root user. For more information see: Mirage 2 Common Build Issues


  8. Install DSpace: As the dspace UNIX user, install DSpace to [dspace]:

    Code Block
    cd [dspace-source]/dspace/target/dspace-installer
ant fresh_install


    Info

    To see a complete list of build targets, run: ant help The most likely thing to go wrong here is the test of your database connection. See the Common Problems Section below for more details.


  9. Decide which DSpace Web Applications you want to install. DSpace comes with a variety of web applications (in [dspace]/webapps), each of which provides a different "interface" to your DSpace.  Which ones you install is up to you, but there are a few that we highly recommend (see below):

    1. "xmlui" = This is the XML-based User Interface (XMLUI), based on Apache Cocoon. It comes with a variety of out-of-the-box themes, including Mirage 1 (the default) and Mirage 2 (based on Bootstrap). Between the "xmlui" and "jspui", you likely only need to choose one.

    2. "jspui" = This is the JSP-based User Interface (JSPUI), which is based on BootstrapBetween the "xmlui" and "jspui", you likely only need to choose one.

    3. "solr" (required) = This is Apache Solr web application, which is used by the "xmlui" and "jspui" (for search & browse functionality), as well as the OAI-PMH interface. It must be installed in support of either UI.

    4. "oai" = This is the DSpace OAI interface. It allows for Metadata and Bitstream (content-file) harvesting, supporting OAI-PMH (Protocol for Metadata Harvest) and OAI-ORE (Object Reuse and Exchange) protocols
    5. "rdf" = This is the DSpace RDF interface supporting Linked (Open) Data.
    6. "rest" = This is the DSpace REST API
    7. "sword" = This is the DSpace SWORDv1 interface. More info on SWORD protocol and its usage.
    8. "swordv2" = This is the DSpace SWORDv2 interface. More info on SWORD protocol and its usage.
  10. Deploy Web Applications:
    Anchor
    deployment
    deployment
    Please note that in the first instance you should refer to the appropriate documentation for your Web Server of choice. The following instructions are meant as a handy guide. You have two choices or techniques for having Tomcat/Jetty/Resin serve up your web applications: 

    • Technique A. Tell your Tomcat/Jetty/Resin installation where to find your DSpace web application(s). As an example, in the directory [tomcat]/conf/Catalina/localhost you could add files similar to the following (but replace [dspace]with your installation location):

      Code Block
      languagehtml/xml
      titleDEFINE A CONTEXT FOR DSpace XML User Interface: xmlui.xml
      <?xml version='1.0'?>
<Context
	docBase="[dspace]/webapps/xmlui"
	reloadable="true"
	cachingAllowed="false"/>


      Code Block
      languagehtml/xml
      titleDEFINE A CONTEXT PATH FOR DSpace JSP User Interface: jspui.xml
      <?xml version='1.0'?>
<Context
	docBase="[dspace]/webapps/jspui"
	reloadable="true"
	cachingAllowed="false"/>


      Code Block
      titleDEFINE A CONTEXT PATH FOR DSpace Solr index: solr.xml
      <?xml version='1.0'?>
<Context
	docBase="[dspace]/webapps/solr"
	reloadable="true"
	cachingAllowed="false"/>


      Code Block
      languagehtml/xml
      titleDEFINE A CONTEXT PATH FOR DSpace OAI User Interface: oai.xml
      <?xml version='1.0'?>
<Context
	docBase="[dspace]/webapps/oai"
	reloadable="true"
	cachingAllowed="false"/>


      Code Block
      languagexml
      titleDEFINE ADDITIONAL CONTEXT PATHS FOR OTHER DSPACE WEB APPLICATIONS (REST, SWORD, RDF, etc.): \[app\].xml
      <?xml version='1.0'?>
<!-- CHANGE THE VALUE OF "[app]" FOR EACH APPLICATION YOU WISH TO ADD -->
<Context
	docBase="[dspace]/webapps/[app]"
	reloadable="true"
	cachingAllowed="false"/>

      The name of the file (not including the suffix ".xml") will be the name of the context, so for example xmlui.xml defines the context at http://host:8080/xmlui.  To define the root context (http://host:8080/), name that context's file ROOT.xml.

      Note
      titleTomcat Context Settings in Production

      The above Tomcat Context Settings show adding the following to each <Context> element:

      reloadable="true" cachingAllowed="false"

      These settings are extremely useful to have when you are first getting started with DSpace, as they let you tweak the DSpace XMLUI (XSLTs or CSS) or JSPUI (JSPs) and see your changes get automatically reloaded by Tomcat (without having to restart Tomcat).   However, it is worth noting that the Apache Tomcat documentation recommends Production sites leave the default values in place (reloadable="false" cachingAllowed="true"), as allowing Tomcat to automatically reload all changes may result in "significant runtime overhead". 

      It is entirely up to you whether to keep these Tomcat settings in place.  We just recommend beginning with them, so that you can more easily customize your site without having to require a Tomcat restart.  Smaller DSpace sites may not notice any performance issues with keeping these settings in place in Production.  Larger DSpace sites may wish to ensure that Tomcat performance is more streamlined.


    • Technique B. Simple and complete. You copy only (or all) of the DSpace Web application(s) you wish to use from the [dspace]/webapps directory to the appropriate directory in your Tomcat/Jetty/Resin installation. For example:
      cp -R [dspace]/webapps/* [tomcat]/webapps* (This will copy all the web applications to Tomcat).
      cp -R [dspace]/webapps/jspui [tomcat]/webapps* (This will copy only the jspui web application to Tomcat.)

      To define the root context (http://host:8080/), name that context's directory ROOT.

  11. Administrator Account:  Create an initial administrator account from the command line:

    Code Block
    [dspace]/bin/dspace create-administrator


  12. Initial Startup!  Now the moment of truth! Start up (or restart) Tomcat/Jetty/Resin. Visit the base URL(s) of your server, depending on which DSpace web applications you want to use. You should see the DSpace home page. Congratulations! Base URLs of DSpace Web Applications:

...

  1. For Production use: Follow this procedure to set up SSL on your server. Using a "real" server certificate ensures your users' browsers will accept it without complaints. In the examples below, $CATALINA_BASE is the directory under which your Tomcat is installed.

    1. Create a Java keystore for your server with the password changeit, and install your server certificate under the alias "tomcat". This assumes the certificate was put in the file server.pem:

      Code Block
      $JAVA_HOME/bin/keytool -import -noprompt -v -storepass changeit
	-keystore $CATALINA_BASE/conf/keystore -alias tomcat -file
	myserver.pem


    2. Install the CA (Certifying Authority) certificate for the CA that granted your server cert, if necessary. This assumes the server CA certificate is in ca.pem:

      Code Block
      $JAVA_HOME/bin/keytool -import -noprompt -storepass changeit
	-trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias ServerCA
	-file ca.pem


    3. Optional – ONLY if you need to accept client certificates for the X.509 certificate stackable authentication module See the configuration section for instructions on enabling the X.509 authentication method. Load the keystore with the CA (certifying authority) certificates for the authorities of any clients whose certificates you wish to accept. For example, assuming the client CA certificate is in client1.pem:

      Code Block
      $JAVA_HOME/bin/keytool -import -noprompt -storepass changeit
	-trustcacerts -keystore $CATALINA_BASE/conf/keystore  -alias client1
	-file client1.pem


    4. Now add another Connector tag to your server.xml Tomcat configuration file, like the example below. The parts affecting or specific to SSL are shown in bold. (You may wish to change some details such as the port, pathnames, and keystore password)

      Code Block
      languagehtml/xml
      <Connector port="8443"
              URIEncoding="UTF-8"
              maxThreads minSpareThreads="150" minSpareThreads="25"
              enableLookups="false"
              disableUploadTimeout="true"
              acceptCount="100"
              scheme="https" secure="true" sslProtocol="TLS"
              keystoreFile="conf/keystore" keystorePass="changeit"
              clientAuth="true" - ONLY if using client X.509 certs for authentication!
              truststoreFile="conf/keystore" truststorePass="changeit" />

      Also, check that the default Connector is set up to redirect "secure" requests to the same port as your SSL connector, e.g.:

      Code Block
      languagehtml/xml
      <Connector port="8080"
              maxThreads="150" minSpareThreads="25"
              enableLookups="false"
              redirectPort="8443"
              acceptCount="100" />


  2. Quick-and-dirty Procedure for Testing: If you are just setting up a DSpace server for testing, or to experiment with HTTPS, then you don't need to get a real server certificate. You can create a "self-signed" certificate for testing; web browsers will issue warnings before accepting it, but they will function exactly the same after that as with a "real" certificate. In the examples below, $CATALINA_BASE is the directory under which your Tomcat is installed.

    1. Create a new key pair under the alias name "tomcat". When generating your key, give the Distinguished Name fields the appropriate values for your server and institution. CN should be the fully-qualified domain name of your server host. Here is an example:

      Code Block
      $JAVA_HOME/bin/keytool -genkey \
  -alias tomcat \
  -keyalg RSA \
  -keysize 1024 \
  -keystore $CATALINA_BASE/conf/keystore \
  -storepass changeit \
  -validity 365 \
  -dname 'CN=dspace.myuni.edu, OU=MIT Libraries, O=Massachusetts Institute of Technology, L=Cambridge, S=MA, C=US'

      You should be prompted for a password to protect the private key.

      Since you now have a signed server certificate in your keystore you can, obviously, skip the next steps of installing a signed server certificate and the server CA's certificate.

    2. Optional – ONLY if you need to accept client certificates for the X.509 certificate stackable authentication module See the configuration section for instructions on enabling the X.509 authentication method. Load the keystore with the CA (certifying authority) certificates for the authorities of any clients whose certificates you wish to accept. For example, assuming the client CA certificate is in client1.pem:

      Code Block
      $JAVA_HOME/bin/keytool -import -noprompt -storepass changeit \
  -trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias client1 \
  -file client1.pem


    3. Follow the procedure in the section above to add another Connector tag, for the HTTPS port, to your server.xml file.

...

Warning

When using Apache 2.4.2 (and lower) in front of a DSpace webapp deployed in Tomcat, mod_proxy_ajp and possibly mod_proxy_http breaks the connection to the back end (Tomcat) prematurely leading to response mixups. This is reported as bug CVE-2012-3502 ( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3502 ) of Apache and fixed in Apache 2.4.3 (see  http://www.apache.org/dist/httpd/CHANGES_2.4). The 2.2.x branch hasn't shown this problem only the 2.4.x branch has.

...

To install your Handle resolver on the host where DSpace runs:

Note

We recommend configuring your Handle server without a passphrase, as the current DSpace start-handle-server scripts do not yet support startup with a passphrase.

If you choose to set a passphrase, you may need to start the Handle Server via: [dspace]\bin\dspace dsrun net.handle.server.Main [dspace]\handle-server

  1. To configure your DSpace installation to run the handle server, run the following command:

    Code Block
    [dspace]/bin/dspace make-handle-config [dspace]/handle-

    To configure your DSpace installation to run the handle server, run the following command:

    Code Block
    [dspace]/bin/dspace make-handle-config [dspace]/handle-server

    Ensure that [dspace]/handle-server matches whatever you have in dspace.cfg for the handle.dir property.

    1. If you are using Windows, the proper command is:

      Code Block
      [dspace]/bin/dspace dsrun net.handle.server.SimpleSetup [dspace]/handle-server

      Ensure that [dspace]/handle-server matches whatever you have in dspace.cfg for the handle.dir property.

  2. Edit the resulting [dspace]/handle-server/config.dct file to include the following lines in the "server_config"clause:

    Code Block
    "storage_type" = "CUSTOM"
"storage_class" = "org.dspace.handle.HandlePlugin"

    This tells the Handle server to get information about individual Handles from the DSpace code.

  3. Once the configuration file has been generated, you will need to go to http://hdl.handle.net/4263537/5014 to upload the generated sitebndl.zip file. The upload page will ask you for your contact information. An administrator will then create the naming authority/prefix on the root service (known as the Global Handle Registry), and notify you when this has been completed. You will not be able to continue the handle server installation until you receive further information concerning your naming authority.
  4. When CNRI has sent you your naming authority prefix, you will need to edit the config.dct file. The file will be found in /[dspace]/handle-server. Look for "300:0.NA/YOUR_NAMING_AUTHORITY". Replace YOUR_NAMING_AUTHORITY with the assigned naming authority prefix sent to you.

  5. Now start your handle server (as the dspace user):

    Code Block
    [dspace]/bin/start-handle-server

    1. If you are using Windows, there is a corresponding 'start-handle-server.bat' script:

      Code Block
      [dspace]/bin/start-handle-server.bat


...

  1. Download the CNRI Handle Software: http://www.handle.net/download.html. In the tarball you'll find an INSTALL.txt with installation instructions -- follow it.
  2. After installing the CNRI Handle Software you should have two directories: once that contains the CNRI software and one that contains the configuration of you local Handle Server. For the rest of this instruction we assume that the directory containing the CNRI Software is /hs/hsj-7.3.1 and the directory containing the configuration of your local server is /hs/srv_1.  (We use the same paths here as CNRIs INSTALL.txt.)
  3. Download the plugin from https://github.com/DSpace/Remote-Handle-Resolver/releases.  Select a release.  You can get the source and build it yourself, or just use the JAR file included in the release.  In either case, once you have a dspace-remote-handle-resolver-VERSION.jar, copy it to the directory containing the CNRI software (/hs/hsj-7.3.1/lib). 
  4. Create the directory /hs/srv_1/logs.

  5. Create the following two files in /hs/srv_1.

    log4j-handle-plugin.properties

     

    log4j.rootCategory=INFO, A1
    log4j.appender.A1=org.apache.log4j.DailyRollingFileAppender
    log4j.appender.A1.File=/hs/srv_1/logs/handle-plugin.log
    log4j.appender.A1.DatePattern= '.' yyyy-MM-dd
    log4j.appender.A1.layout=org.apache.log4j.PatternLayout
    log4j.appender.A1.layout.ConversionPattern=%d %-5p %c @ %m%n
    log4j.logger.org.apache.axis.handlers.http.HTTPAuthHandler=INFO

     

    Change the path in the third line, if necessary.

    handle-dspace-plugin.cfg

     

    dspace.handle.endpoint1 = http: //example.org/dspace/handleresolver

     

    If you are using XMLUI take a look in [dspace-install]/config/dspace.cfg, change the URL above to the value of your dspace.url and add /handleresolver to the end of it. If you are using JSPUI take a look in [dspace-install]/config/dspace.cfg, change the URL above to the value of your dspace.url and add /json/hdlresolver to the end of it. If you run more than one DSpace Installation, you may add more DSpace Endpoints.  Just increase the number at the end of the key for each:  endpoint2, endpoint3....

  6. Edit the file /hs/srv_1/config.dct to include the following lines in the " server_config" clause:

     

    "storage_type" = "CUSTOM"
    "storage_class" = "org.dspace.handle.MultiRemoteDSpaceRepositoryHandlePlugin"


  7. Copy /hs/hsj-7.3.1/bin/hdl-server to /hs/srv_1/start-hdl-server.
  8. Edit /hs/srv_1/start-hdl-server:
    1. Find the last line that begins with HDLHOME=
    2. Below that line add the following one: HDLHOME="/hs/hsj-7.3.1/"
    3. Find a line that contains exec java ... net.handle.server.Main ...
    4. Add "-Dlog4j.configuration=file:///hs/srv_1/log4j-handle-plugin.properties -Ddspace.handle.plugin.configuration=/hs/srv_1/handle-dspace-plugin.cfg" right in front of net.handle.server.Main.
  9. If your handle server is running, stop it.
  10. From now on you should start this handle server using /hs/srv_1/start-hdl-server

...

When running [dspace]/bin/dspace generate-sitemaps the script informs Google that the sitemaps have been updated. For this update to register correctly, you must first register your Google sitemap index page (/dspace/sitemap) with Google at http://www.google.com/webmasters/sitemaps/. If your DSpace server requires the use of a HTTP proxy to connect to the Internet, ensure that you have set http.proxy.host and http.proxy.port in [dspace]/config/dspace.cfg

The URL for pinging Google, and in future, other search engines, is configured in [dspace]/config/dspace.cfg using the sitemap.engineurls setting where you can provide a comma-separated list of URLs to 'ping'.

You can generate the sitemaps automatically every day using an additional cron job:

Code Block
# Generate sitemaps at 6:00 am local time each day
0 6 * * * [dspace]/bin/dspace generate-sitemaps
Info

More information on why we highly recommend enabling sitemaps can be found at Search Engine Optimization (SEO).

Statistics

http.proxy.host and http.proxy.port in [dspace]/config/dspace.cfg

The URL for pinging Google, and in future, other search engines, is configured in [dspace]/config/dspace.cfg using the sitemap.engineurls setting where you can provide a comma-separated list of URLs to 'ping'.

You can generate the sitemaps automatically every day using an additional cron job:

Code Block
# Generate sitemaps at 6:00 am local time each day
0 6 * * * [dspace]/bin/dspace generate-sitemaps


Info

More information on why we highly recommend enabling sitemaps can be found at Search Engine Optimization (SEO).

Statistics

DSpace uses the Apache Solr application underlaying the statistics. There is no need to download any separate software. All the necessary software is included. To understand all of the configuration property keys, the user should refer to DSpace Statistic Configuration for detailed information.

External database connection pool

Before it builds a pool of database connections, DSpace always tries to look up an existing, pre-configured pool in a directory service (if such a service is provided). Many web application containers supply such a service and can be configured to provide the connection pool to DSpace. If DSpace does not find a pre-configured pool, each web application will fall back to creating its own pool using the settings in local.cfg.

There are some advantages to using an external database pool:

  • You can share one pool among several of DSpace's web applications—or even all of them. This can help economize database connections when one application uses many and another few. For example, if XMLUI needs 30 connections to run well at your site under peak load and OAI-PMH needs 5, you could connect them both to a pool of 35 connections, instead of letting each take 30 for a total of 60.
  • You can have different pool sizes for the web applications and the command line tools. For example, configure an external pool with generous settings for the web applications, and a much smaller pool for the command line applications in local.cfg. Note: the command line tools cannot use an externally configured pool, and always use the settings in local.cfg to build their own pool.
  • External database pooling often allows for more granular configuration of pool parameters and can even provide better performance than DSpace's fallback pooling (see the Tomcat JDBC Connection Pool documentation for more information).

DSpace applications will specifically look for an object named jdbc/dspace. The name is not configurable, but is specified in config/spring/api/core-hibernate.xml if you must know. You must configure the name of the directory object provided to your web application context(s) to match this. See below for an example in Tomcat.

An example in Tomcat

First, you must make the JDBC driver for your database available to Tomcat. For example, the latest PostgreSQL JDBC driver can be downloaded from the PostgreSQL project website and placed in Tomcat's lib directory. The exact location of this directory varies depending on your operating system and Tomcat version, but on Ubuntu 16.04 with Tomcat 7 the location would be /usr/share/tomcat7/lib.

Then add a <Resource> in Tomcat's server.xml to define the pool. The pool name here is global and can be anything you want:

Code Block
languagexml
titleserver.xml
  <GlobalNamingResources>
...
    <Resource
        name='jdbc/instance'
        description='Our DSpace DBMS connection pool'
        type='javax.sql.DataSource'
        auth='Container'
        username='USER'
        password='SECRET'
        driverClassName='org.postgresql.Driver'
        url='jdbc:postgresql://dbms.example.com:5432/dspace'
        initialSize='5'
        maxTotal='50'
        maxIdle='15'
        minIdle='5'
        maxWaitMillis='5000'
        />
...
  </GlobalNamingResources>

Then add a <ResourceLink> to each web application's context configuration. The name parameter here is local to the application context, and must be jdbc/dspace:

Code Block
languagexml
<Context
...
  <ResourceLink
    name='jdbc/dspace'
    global='jdbc/instance'
    type='javax.sql.DataSource'
   />
...
</Context>

Notice that the global parameter in the ResourceLink matches the name of the global Resource. See the JNDI Datasource HOW-TO for more information about this configurationDSpace uses the Apache Solr application underlaying the statistics. There is no need to download any separate software. All the necessary software is included. To understand all of the configuration property keys, the user should refer to DSpace Statistic Configuration for detailed information.

Windows Installation

Essentially installing on Windows is the same as installing on Unix so please refer back to the main Installation Instructions section section.

  • Download the DSpace source from SourceForge GitHub and unzip it (WinZip will do this)
  • If you install PostgreSQL, it's recommended to select to install the pgAdmin III tool. It provides a nice User Interface for interacting with PostgreSQL databases.
  • For all path separators use forward slashes (e.g. "/"). For example: "C:/dspace" is a valid Windows path.  But, be warned that "C:\dspace" IS INVALID and will cause errors.

...

  • Database errors occur when you run ant fresh_install: There are two common errors that occur.

    • If your error looks like this:

      Code Block
      [java] 2004-03-25 15:17:07,730 INFO
	    org.dspace.storage.rdbms.InitializeDatabase @ Initializing Database
[java] 2004-03-25 15:17:08,816 FATAL
	    org.dspace.storage.rdbms.InitializeDatabase @ Caught exception:
[java] org.postgresql.util.PSQLException: Connection refused. Check
	    that the hostname and port are correct and that the postmaster is
	    accepting TCP/IP connections.
[java]     at
	    org.postgresql.jdbc1.AbstractJdbc1Connection.openConnection(AbstractJd
bc1Connection.java:204)
[java]     at org.postgresql.Driver.connect(Driver.java:139)

      it usually means you haven't yet added the relevant configuration parameter to your PostgreSQL configuration (see above), or perhaps you haven't restarted PostgreSQL after making the change. Also, make sure that the db.username and db.password properties are correctly set in [dspace]/config/dspace.cfg. An easy way to check that your DB is working OK over TCP/IP is to try this on the command line:

      Code Block
      psql -U dspace -W -h localhost

      Enter the dspace database password, and you should be dropped into the psql tool with a dspace=> prompt.

    • Another common error looks like this:

      Code Block
      [java] 2004-03-25 16:37:16,757 INFO
	    org.dspace.storage.rdbms.InitializeDatabase @ Initializing Database
[java] 2004-03-25 16:37:17,139 WARN
	    org.dspace.storage.rdbms.DatabaseManager @ Exception initializing DB
	    pool
[java] java.lang.ClassNotFoundException: org.postgresql.Driver
[java]     at java.net.URLClassLoader$1.run(URLClassLoader.java:198)
[java]     at java.security.AccessController.doPrivileged(Native
	   Method)
[java]     at
	   java.net.URLClassLoader.findClass(URLClassLoader.java:186)

      This means that the PostgreSQL JDBC driver is not present in [dspace]/lib. See above.

  • GeoLiteCity GeoLite2-City Database file fails to download or install, when you run ant fresh_install: There are two common errors that may occur:

    • If your error looks like this:

      Code Block
      [get] Error getting http://geolite.maxmind.com/download/geoip/database/GeoLiteCityGeoLite2-City.dattar.gz to /usr/local/dspace/config/GeoLiteCityGeoLite2-City.dattar.gz

BUILD FAILED
/dspace-release/dspace/target/dspace-installer/build.xml:931: java.net.ConnectException: Connection timed out

      it means that you likely either (a) don't have an internet connection to download the necessary GeoLite Database file (used for DSpace Statistics), or (b) the GeoLite Database file's URL is no longer valid.

    • Another common message looks like this:

      Code Block
      [echo] WARNING : FAILED TO DOWNLOAD GEOLITE DATABASE FILE
[echo]          (Used for DSpace Solr Usage Statistics)

      Again, this means the GeoLite Database file cannot be downloaded or is unavailable for some reason. You should be able to resolve this issue by following the   "Manually Installing/Updating GeoLite Database File" instructions.

General DSpace Issues

...