All Versions
- DSpace 7.x (Current Release)
- DSpace 8.x (Unreleased)
- DSpace 6.x (EOL)
- DSpace 5.x (EOL)
- More Versions...
...
[dspace]
). There are a few common ways this may be achieved:One option is to specifically give the Tomcat user (often named "tomcat") ownership of the [dspace] directories, for example:
Code Block |
---|
# Change [dspace] and all subfolders to be owned by "tomcat" chown -R tomcat:tomcat [dspace] |
Modifications in [tomcat]/conf/server.xml : You also need to alter Tomcat's default configuration to support searching and browsing of multi-byte UTF-8 correctly. You need to add a configuration option to the <Connector> element in [tomcat]/config/server.xml: URIEncoding="UTF-8" e.g. if you're using the default Tomcat config, it should read:
Code Block | ||
---|---|---|
| ||
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080"
minSpareThreads="25"
enableLookups="false"
redirectPort="8443"
acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true"
URIEncoding="UTF-8"/>
|
You may change the port from 8080 by editing it in the file above, and by setting the variable CONNECTOR_PORT in server.xml. You should set the URIEncoding even if you are running Tomcat behind a proxy (Apache HTTPD, Nginx, etc.) via AJP.
Tomcat 8 and above is using at least Java 1.7 for JSP compilation. However, by default, Tomcat 7 uses Java 1.6 for JSP compilation. If you want to use Java 1.7 in your .jsp files, you have to change the configuration of Tomcat 7. Edit the file called web.xml in the configuration directory of your Tomcat instance (${CATALINA_HOME}/conf in Tomcat notation). Look for a servlet definition using the org.apache.jasper.servlet.JSPServlet servlet-class and add two init parameters compilerSourceVM
and compilerTargetVM
as you see it in the example below. Then restart Tomcat.
Code Block | ||||
---|---|---|---|---|
| ||||
<servlet> <servlet-name>jsp</servlet-name> <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class> <init-param> <param-name>fork</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>xpoweredBy</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>compilerSourceVM</param-name> <param-value>1.7</param-value> </init-param> <init-param> <param-name>compilerTargetVM</param-name> <param-value>1.7</param-value> </init-param> <load-on-startup>3</load-on-startup> </servlet> |
...
Create a Java keystore for your server with the password changeit, and install your server certificate under the alias "tomcat". This assumes the certificate was put in the file server.pem:
Code Block |
---|
$JAVA_HOME/bin/keytool -import -noprompt -v -storepass changeit -keystore $CATALINA_BASE/conf/keystore -alias tomcat -file myserver.pem |
Install the CA (Certifying Authority) certificate for the CA that granted your server cert, if necessary. This assumes the server CA certificate is in ca.pem:
Code Block |
---|
$JAVA_HOME/bin/keytool -import -noprompt -storepass changeit -trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias ServerCA -file ca.pem |
Optional – ONLY if you need to accept client certificates for the X.509 certificate stackable authentication module See the configuration section for instructions on enabling the X.509 authentication method. Load the keystore with the CA (certifying authority) certificates for the authorities of any clients whose certificates you wish to accept. For example, assuming the client CA certificate is in client1.pem:
Code Block |
---|
$JAVA_HOME/bin/keytool -import -noprompt -storepass changeit -trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias client1 -file client1.pem |
Now add another Connector tag to your server.xml Tomcat configuration file, like the example below. The parts affecting or specific to SSL are shown in bold. (You may wish to change some details such as the port, pathnames, and keystore password)
Code Block | ||
---|---|---|
| ||
<Connector port="8443"
URIEncoding="UTF-8"
minSpareThreads="25"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
scheme="https" secure="true" sslProtocol="TLS"
keystoreFile="conf/keystore" keystorePass="changeit"
clientAuth="true" - ONLY if using client X.509 certs for authentication!
truststoreFile="conf/keystore" truststorePass="changeit" />
|
Also, check that the default Connector is set up to redirect "secure" requests to the same port as your SSL connector, e.g.:
Code Block | ||
---|---|---|
| ||
<Connector port="8080"
minSpareThreads="25"
enableLookups="false"
redirectPort="8443"
acceptCount="100" />
|
Create a new key pair under the alias name "tomcat". When generating your key, give the Distinguished Name fields the appropriate values for your server and institution. CN should be the fully-qualified domain name of your server host. Here is an example:
Code Block |
---|
$JAVA_HOME/bin/keytool -genkey \ -alias tomcat \ -keyalg RSA \ -keysize 1024 \ -keystore $CATALINA_BASE/conf/keystore \ -storepass changeit \ -validity 365 \ -dname 'CN=dspace.myuni.edu, OU=MIT Libraries, O=Massachusetts Institute of Technology, L=Cambridge, S=MA, C=US' |
You should be prompted for a password to protect the private key.
Since you now have a signed server certificate in your keystore you can, obviously, skip the next steps of installing a signed server certificate and the server CA's certificate.
Optional – ONLY if you need to accept client certificates for the X.509 certificate stackable authentication module See the configuration section for instructions on enabling the X.509 authentication method. Load the keystore with the CA (certifying authority) certificates for the authorities of any clients whose certificates you wish to accept. For example, assuming the client CA certificate is in client1.pem:
Code Block |
---|
$JAVA_HOME/bin/keytool -import -noprompt -storepass changeit \ -trustcacerts -keystore $CATALINA_BASE/conf/keystore -alias client1 \ -file client1.pem |
...
Note |
---|
We recommend configuring your Handle server without a passphrase, as the current DSpace If you choose to set a passphrase, you may need to start the Handle Server via: |
To configure your DSpace installation to run the handle server, run the following command:
Code Block |
---|
[dspace]/bin/dspace make-handle-config [dspace]/handle-server |
Ensure that [dspace]/handle-server matches whatever you have in dspace.cfg for the handle.dir property.
If you are using Windows, the proper command is:
Code Block |
---|
[dspace]/bin/dspace dsrun net.handle.server.SimpleSetup [dspace]/handle-server |
Ensure that [dspace]/handle-server matches whatever you have in dspace.cfg for the handle.dir property.
Edit the resulting [dspace]/handle-server/config.dct file to include the following lines in the "server_config"clause:
Code Block |
---|
"storage_type" = "CUSTOM" "storage_class" = "org.dspace.handle.HandlePlugin" |
This tells the Handle server to get information about individual Handles from the DSpace code.
Now start your handle server (as the dspace user):
Code Block |
---|
[dspace]/bin/start-handle-server |
If you are using Windows, there is a corresponding 'start-handle-server.bat' script:
Code Block |
---|
[dspace]/bin/start-handle-server.bat |
...
Essentially installing on Windows is the same as installing on Unix so please refer back to the main Installation Instructions section section.
...
ant fresh_install
: There are two common errors that occur.If your error looks like this:
Code Block |
---|
[java] 2004-03-25 15:17:07,730 INFO org.dspace.storage.rdbms.InitializeDatabase @ Initializing Database [java] 2004-03-25 15:17:08,816 FATAL org.dspace.storage.rdbms.InitializeDatabase @ Caught exception: [java] org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections. [java] at org.postgresql.jdbc1.AbstractJdbc1Connection.openConnection(AbstractJd bc1Connection.java:204) [java] at org.postgresql.Driver.connect(Driver.java:139) |
it usually means you haven't yet added the relevant configuration parameter to your PostgreSQL configuration (see above), or perhaps you haven't restarted PostgreSQL after making the change. Also, make sure that the db.username and db.password properties are correctly set in [dspace]/config/dspace.cfg. An easy way to check that your DB is working OK over TCP/IP is to try this on the command line:
Code Block |
---|
psql -U dspace -W -h localhost |
Enter the dspace database password, and you should be dropped into the psql tool with a dspace=> prompt.
Another common error looks like this:
Code Block |
---|
[java] 2004-03-25 16:37:16,757 INFO org.dspace.storage.rdbms.InitializeDatabase @ Initializing Database [java] 2004-03-25 16:37:17,139 WARN org.dspace.storage.rdbms.DatabaseManager @ Exception initializing DB pool [java] java.lang.ClassNotFoundException: org.postgresql.Driver [java] at java.net.URLClassLoader$1.run(URLClassLoader.java:198) [java] at java.security.AccessController.doPrivileged(Native Method) [java] at java.net.URLClassLoader.findClass(URLClassLoader.java:186) |
This means that the PostgreSQL JDBC driver is not present in [dspace]/lib. See above.
ant fresh_install
: There are two common errors that may occur:If your error looks like this:
Code Block |
---|
[get] Error getting http://geolite.maxmind.com/download/geoip/database/GeoLiteCityGeoLite2-City.dattar.gz to /usr/local/dspace/config/GeoLiteCityGeoLite2-City.dattar.gz BUILD FAILED /dspace-release/dspace/target/dspace-installer/build.xml:931: java.net.ConnectException: Connection timed out |
it means that you likely either (a) don't have an internet connection to download the necessary GeoLite Database file (used for DSpace Statistics), or (b) the GeoLite Database file's URL is no longer valid.
Another common message looks like this:
Code Block |
---|
[echo] WARNING : FAILED TO DOWNLOAD GEOLITE DATABASE FILE [echo] (Used for DSpace Solr Usage Statistics) |
Again, this means the GeoLite Database file cannot be downloaded or is unavailable for some reason. You should be able to resolve this issue by following the "Manually Installing/Updating GeoLite Database File" instructions.
...