...
Info |
---|
Update June 24, 2014: Several significant bug fix patches have accumulated in the 2.4.x maintenance branch since 2.4.0 was released. Until a 2.4.1 GA is announced, upgrades and new installs targeting 2.4.x are strongly encourages to build and deploy the tip of the maintenance branch. For all existing installations of 2.0.X and 2.1.X, important upgrade instructions exist in the previous 2.1, 2.2 and 2.3 Release notes.
If you are running a SSP version prior to 1.1.1, you are strongly encouraged to upgrade or otherwise apply the reporting subsystem security patches described by SSP-701. If you are running SSP version 2.0.0 or 2.0.0-b3, you are strongly encouraged to upgrade to 2.0.1 or 2.1.0 or 2.2.0 or later or otherwise apply the Confidentiality Level-related patches for the Student Documents tool as described by SSP-1917. All implementers of this release should consider installing the patches listed in the commit section of the SSP-2721 issue details. Also please take a few minutes to review additional security-related announcements detailed at the top of the SSP space here in Confluence. |
...
Tip |
---|
In order to build SSP-Platform directly from the Github repository, follow the developer environment instructions. The requisite software and configurations are similar but add the git component to maintain a local repository. Update June 24, 2014: Those instructions also describe how to build SSP from source, which you'll need to do if you're targeting the latest 2 |
...
...
.4.x patches ahead of the 2.4.1 GA. If you're deploying the 2.4.0 GA of Platform, but want to target SSP 2.4.1-SNAPSHOT (i.e. the latest 2.4.x), build SSP first, then update the SSP dependency in
|
2. SSP Configuration Files
- Create a directory for the local SSP configuration files
- Example:
- Unix/Linux/Mac example: /usr/local/ssp/ssp-local
Windows example: C:\ssp\ssp-local
Make the directory only readable by the user that is running Tomcat
Set an Environment Variable for the local configuration file location
Tip SSP_CONFIGDIR=/path/to/your/local-configuration (ie: /usr/local/ssp/ssp-local or C:\ssp\ssp-local)
- Example:
- ssp-config.properties
- The ssp-config.properties file must be modifed for database connectivity and email settings
- Baseline File Location: ,ssp root>/src/main/config/external//ssp-config.properties
Action: Copy the baseline ssp-config.properties file into the local configuration directory created above and rename it to
ssp-config.properties
. Or start with an emptyssp-config.properties
in that directory and add only the properties for which you need to override the default value.Configuration Values:
Value Description Note system_id Unique identifier of the SSP instance db_username Values for connecting to the SSP database db_password Values for connecting to the SSP database db_admin_username Values for connecting to the SSP database db_admin_password Values for connecting to the SSP database db_username_liquibase Value to allow for MS SQL Server domain accounts ${db_username_liquibase} and ${db_username} should be set the same value unless you're on SqlServer, using the JTDS driver, and SSP connects to the database as domain users. If that applies to you, keep ${db_username} set to the unqualified account name, but change ${db_username_liquibase} to the fully-qualified domain account name as shown here. Include the brackets and double back-slashes.
db_username_liquibase=[DOMAIN\\username]default is ${db_username}
db_schema Db schema for the SSP database Examples:
Postgres: public
SQLServer: dbo
db_name Value for the SSP database db_url jdbc connection syntax For Microsoft SQL Server, either specify a port (the default is 1433) or ensure that the SQL Server Browser service is running because the SQL Server JDBC driver defaults to port 1434 which is the SQL Server Server Browser service default port. Depending on the server configuration, either may work, or you may want to explicitly specify the port and instance name, if applicable.
For best results with SQL Server, the JTDS driver included with the Platform installation is recommended. Examples of the url are provided in the sample ssp-config.properties file.
SQL Server db_url w DOMAIN USER AUTHN may look like this; substitute machine name, instance and domain names w/o <>'s
db_url=jdbc:jtds:sqlserver://<machine_name>:1433/${db_name};instance=<instance_name>;domain=<domain_name>db_driver_class jdbc database connectivity syntax For best results with SQL Server, the JTDS driver included with the Platform installation is recommended. Examples of the class are provided in the sample ssp-config.properties file.
db_dialect Hibernate dialect Use of one of the org.jasig.ssp.util.hibernate.ExtendedSQLServer*Dialects
is strongly encouraged if running against SQLSever. The defaultssp-config.properties
has an example.)db_conns_max_active Values for the database connection pool The default value will need to be increased for test and production db_conns_max_idle Values for the database connection pool The default value will need to be increased for test and production db_conns_max_wait Values for the database connection pool db_conns_validation_query Values for the database connection pool db_liquibase_enabled Enables the liquibase script for database table management db_liquibase_changelog Location for the liquibase change log db_liquibase_set_mssql_snapshot_isolation Parameter for configuring a MSSQL database IMPORTANT The default value is 'true'. Set this value to 'false for MSSQL. The liquibase changeset 000014.xml will be ignored. The sql above configures the database correctly. db_liquibase_strip_journal_comment_markup Parameter to enable a script to convert HTML Journal Entries to plain text db_liquibase_strip_tuition_paid_is_y True value will delete the existing values forced into the database in v1.2.0, False will leave the existing values alone This only applies to implementers who installed v1.2.0 or earlier AND populated the external_registration_status_by_term.tuition_paid field with external data db_liquibase_external_fa_not_null_drop_y True value allows the table to be re-created with the correct column definitions for null values db_liquibase_external_apply_natural_keys True value will apply the new primary keys to the external database Version 2.0.0 added primary keys to the external database tables for performance and uniqueness enhancements. If there are non-unique values in the database, the liquibase will fail to make the table changes. db_liquibase_manage_external_database_by_default
True value will allow SSP to manage the tables and views If you want to take total control of SSP's external views and tables, change that property to false in your SSP_CONFIGDIR/ssp-config.properties before first startup. And once you've started up, there's really no point in ever changing that value afterwards. (If you turn it off, then decide you want SSP to manage external views and tables after all, you'll need to update config set value = 'true' where name = 'manage_integration_database' and then restart.) db_liquibase_convert_external_term_timestamps True value in external_term.start_date and external_term.end_date will be interpreted in ${db_time_zone_legacy} and re-written in${db_time_zone_legacy}.True usually makes sense for both upgrades and fresh installs. Would only set to false if for some reason these fields have already been converted to ${db_time_zone) via some external process.db_batchsize
The number of records to process for database transactions. The default value is 300. Use of the parameter can increase performance of queries writing large sums of data into the database. This is primarily used in the Caseload Re-assignment tool. student_documents_base_dir Base Directory for student documentsThe default is ${catalina.base}/ssp-uploads/student-docs
It is important to not end in path separator like / or \student_documents_volumes Comma seperated list of subdirectories under student documentsIt is important to not end in path separator like / or \ student_documents_file_types Comma separated list of allowable file types that will be used to validate student document filesThe initial types are pdf,gif,jpg,jpeg,doc,docx,xls,png.
It is important to not include the period/dot in the definition. Only the type abbreviation is required.
student_documents_max_size Maximum size of an individual file, in bytes The default value is 5000000 cacheLifeSpanInMillis
This property will dictate how long lived a cache will be only external courses uses a cachedefault is 86400000 = 1 day db_time_zone_legacy Parameter to set the timezone for data migration Used for migrating persistent timestamps. Prior to work on SSP-1002, SSP-1035, and SSP-1076, timestamps were stored in the JVM default timezone. After that the application assumes they are stored in ${db_time_zone}. In order to correctly migrate existing data, though, the app needs to know the original timezone. This is almost always going to be the current JVM default timezone, hence the default value here, which is a special value instructing the app to lookup and inject that timezone into this config property. In the rare event you need to change that value, you can do so here. This would likely only be necessary if, for whatever reason you change the JVM default *after* the migrations run, which would result in a Liquibase checksum error. To avoid that, just set the relevant timezone here when and if you make that change.
Default is CURRENT_JVM_DEFAULTdb_time_zone Timezone ID for the JVM JVM-recognized TimeZone ID for the zone in which persistent date/time values should be interpreted. Should rarely if ever need to be overridden. If overridden, should always be set to a TimeZone that does not observe Daylight Savings Time unless trying to cope with legacy data that was stored in a DST-aware TimeZone. Once set, should never be changed else date/time values in the database will be interpreted incorrectly. (SSP does not store timezone data on persistent date/time values and implements no logic for detecting and/or handling changes to this configuration option.)
Default is UTC
highly_trusted_ips The list of IP addresses that are allowed to access the APIs This is used in conjunction with high_trusted_ips_enabled in the System Configuration smtp_username Value for email relay smtp_password Value for email relay smtp_host Value for email relay smtp_port Value for email relay smtp_protocol Protocol for email Default is smtp ssp_admins_email_addresses Recipient of system generated messages scheduled_coach_sync_enabled Parameter to enable coach sync process per_coach_sync_transactions Parameter to enable the sync process to run per coach instead of one large transaction for all coaches scheduled_task_cleanup_wait_millis
Max amount of time, in milliseconds, the app will wait during shutdown for any background tasks to abandon their work.Default is 10000 uportal_session_keep_alive_timeout Length of time for uPortal sessions KeepAliveFilter oauth2_client_password_encoding_secret Config for setting the key with which OAuth2 Client secrets are hashed before being placed into the database spring.profiles.active Deployment options - dev-standalone: completely free of uPortal
- standalone: as the only portlet in a uPortal instance
- uPortal: as one of many portlets in a uPortal instance
ssp_main_use_minifed_jsParameter to determine the javascript file used in the deployment When set to true, ssp-main.jsp will include a minified js called app-all.jsWhen set to false, ssp-main.jsp will include the non-minified app.jsssp_trusted_code_run_as_key
When the scheduled jobs run they have to "run as" a particular user. SSP uses SpringSecurity for this, and the application code is allowed to sudo to a different user as long as it knows the special shared secret defined in the configuration.
Default is SZP. If you plan on running deployment-specific third-party code, or really even other webapps in the same Tomcat contains, you should probably select a more complex, deployment-specific value.
...
- Use the following command to build, deploy, and initialize the SSP-Platform project:
...
- project:
Code Block | ||
---|---|---|
*** When running a database initialization ant target (initportal, initdb), you need to specify SSP_CONFIGDIR if it isn't already specified as an env var. E.g on *nix.... $> SSP_CONFIGDIR=/opt/ssp/sspconfig ant -Dmaven.test.skip=true clean <target> Most Common Commands - Re/Initialize the SSP-Platform database, then run the equivalent of deploy-ear. Destructive! Appropriate for first-time deployments. $> SSP_CONFIGDIR=/opt/ssp/sspconfig ant -Dmaven.test.skip=true clean <target> Most Common Commandsinitportal - Build entire uPortal (incl. all wars), and deploy entire uPortal, ant deploy-ear - Build the full site and database, ant initportal (Warning- this will reset the entire uPortal database) Other deployment optionsSSP-Platform portal, including SSP: $> SSP_CONFIGDIR=/opt/ssp/sspconfig ant -Dmaven.test.skip=true clean deploy-ear Other commonly used ant targets: testdb: Tests the database settings and connectivity initdb: Drop uPortalSSP-Platform tables in the db & recreate them with configured seed data (src/main/data, not including the "quickstart" folder). deploy-war: Build & deploy _just the uPortalSSP-Platform war_ (i.e. not SSP or other portlets, etc.). deployPortletApp: Deploy one (already-built) portlet war file to Tomcat (example ant deploPortletApp -DportletApp=..\/SSP-Open-Source-Project/target/ssp.war) | ||
Info | ||
| ||
This command will download the SSP .war file and bundle it into the output of the SSP-Platform build |
- Additional step for Microsoft SQL Server to update column types
...