Changes between Version 16 and Version 17 of ESGF-Security


Ignore:
Timestamp:
Mar 14, 2013 11:19:49 AM (9 years ago)
Author:
vegasm
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • ESGF-Security

    v16 v17  
    24241. You can download the ESGF truststore from here https://rainbow.llnl.gov/dist/certs/esg-truststore.ts and add your tomcat certificate by yourself or download the [[attachment:esg-truststore.ts]] which contains the tomcat pem. You can also download the [[attachment:.keystore]]
    2525
    26 2. Uncomment the ''SSL HTTP/1.1 Connector'' entry in ''$CATALINA_HOME/conf/server.xml'' and add the following:
     262. Uncomment the ''SSL HTTP/1.1 Connector'' entry in '''$CATALINA_HOME/conf/server.xml''' and add the following:
    2727{{{
    2828<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"  SSLEnabled="true" maxThreads="150" scheme="https" secure="true"
     
    3232
    33333. Add the truststore to the classpath (it will be required by Java)
    34 Edit $CATALINA_HOME/bin/setclasspath.bat (windows) or $CATALINA_HOME/bin/setclasspath.sh (Linux) and add the following:
     34Edit '''$CATALINA_HOME/bin/setclasspath.bat''' (windows) or '''$CATALINA_HOME/bin/setclasspath.sh''' (Linux) and add the following:
    3535{{{
    3636 rem Windows
     
    5959ESG-ORP manages a list that is used to allow the idp's. It is called whitelist. The idp's are entities which provide an openid login and return a valid cookie. We will need two lists and you can download them from here [[attachment:esgf_idp.xml]] [[attachment:esgf_idp_static.xml]]. If your idp is not contained by ''esgf_idp_static.xml'' just add your idp to the file. It is recommended to save these files in '''WEB-INF/classes/esg/config''' to work properly in all environments because Windows paths are not considered by the momment.
    6060
    61 The whitelist files are read by ''WEB-INF/classes/esg/orp/orp/config/security-context-auth.xml''
     61The whitelist files are read by '''WEB-INF/classes/esg/orp/orp/config/security-context-auth.xml'''
    6262Go to the line 84 and replace it with this line:
    6363{{{
     
    7373Firstable, copy the following jars onto the TDS ''WEB-INF/lib directory'' [[attachment:"thredds_esg_security_libraries.zip​"]]
    7474
    75 After that, edit the file ''$CATALINA_HOME/webapps/thredds/WEB-INF/web.xml'' and insert the XML snippet that configures the ESG access control filters to intercepts all requests sent to the TDS. You must configure the filter parameters to values that are specific to your system, specifically:
     75After that, edit the file '''$CATALINA_HOME/webapps/thredds/WEB-INF/web.xml''' and insert the XML snippet that configures the ESG access control filters to intercepts all requests sent to the TDS. You must configure the filter parameters to values that are specific to your system, specifically:
    7676
    7777{{{