Assertion Manager
Purpose
Here is a guide to help you install Assertion Manager.
Requirements
- Debian squeeze or ubuntu 12.04 64bits with an Internet access.
- Database : PostGresql 8.4
- Java virtual machine : JDK 1.6 or other
- Application server : Jboss 5.1.0-GA
- It must be installed in:
/usr/local/jboss - A server named gazelle must be here:
/usr/local/jboss/server/gazelle/
- It must be installed in:
To install those requirements you can run this as root:
wget https://gazelle.ihe.net/jenkins/job/gazelle-public-release/ws/gazelle-tm-ear/src/main/scripts/setup.sh
chmod +x setup.sh
./setup.sh
Quick start
Assertion manager can be installed
As a gazelle user on your server:
wget https://gazelle.ihe.net/jenkins/job/AssertionManager-Gui-SNAPSHOT/ws/install_assertion_manager_gui.sh
chmod +x install_assertion_manager_gui.sh
sudo install_assertion_manager_gui.sh
It will:
- Backup the previous EAR
- Get the latest released version of Assertion Manager and deploy it in your jboss.
- Create the database if it doesn’t exists.
Insert configuration values
Go to insert configuration values chapter to configure your Assertion manager
Restart Jboss service
sudo service jboss restart
Assertion manager is now deployed.
Compile from sources
The following chapters will explain how to build and configure Assertion manager from sources.
This is useful only to change the database configuration.
Assertion Manager is an open source project under Apache2 licence. The sources are available on the INRIA’s Forge:
sudo apt-get install maven2 subversion
svn checkout svn://scm.gforge.inria.fr/svn/gazelle/Maven/gazelle-assertion-gui/trunk/ assertion-manager-gui
svn checkout svn://scm.gforge.inria.fr/svn/gazelle/Maven/gazelle-assertion-gui/trunk/ assertion-manager
cd assertion-manager
mvn clean install
cd ../assertion-manager-gui
mvn clean package -U -Pproduction
If maven cannot download dependencies checkout the maven configuration guide: https://gazelle.ihe.net/content/development-support-tools
Database creation and initialization
The names of the databases are defined in the pom.xml file. Use the following commands with the adaptations you want:
su postgres
psql
postgres=\# CREATE USER gazelle;
postgres=\# ALTER USER gazelle WITH ENCRYPTED PASSWORD 'password';
postgres=\# CREATE DATABASE "assertion-manager" OWNER gazelle ENCODING UTF-8;
postgres=\# CREATE DATABASE "assertion-manager-gui" OWNER gazelle ENCODING UTF-8;
postgres=\# \\q
exit
Insert configuration values
Configuration can be done through the Administration interface, or with a sql script
Each time a configuration is modified, the application needs to be restarted.
To restart the application there are 2 options:
- Restart jboss: sudo service jboss restart
- Touch the ear: touch /pathToJbossServer/deploy/AssertionManagerGui.ear
Here is the list of configuration variables that must be defined:
| Variable | Default value | Description |
|---|---|---|
| application_url | http://server_domain:8080/AssertionManager | URL to reach the tool |
| application_works_without_cas | true | Indicates authentication mechanism to use |
| ip_login | true | Indicates authentication mechanism to use |
| ip_login_admin | .* | Pattern to grant users as admin based on their IP address |
| cas_url | Not defined | URL of the CAS service |
| upload_max_size | 100000000 | Used to limit uploaded files size |
| assertion_manager_rest_path_to_assertion | /testAssertion/assertion | do not change |
| assertion_manager_rest_url | https://server_domain:8080/AssertionManagerGui/rest | update server_domain:8080 to fit your needs. |
| security-policies | true | Enable security features |
| X-Frame-Options | SAMEORIGIN | https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options |
| Cache-Control | private, no-cache, no-store, must-revalidate, max-age=0 | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#Cache-control |
| Strict-Transport-Security | max-age=31536000 ; includeSubDomains | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#Cache-control |
| X-Content-Security-Policy | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#Cache-control | |
| X-WebKit-CSP | Use X-Content-Security-Policy values | |
| X-WebKit-CSP-Report-Only | Use X-Content-Security-Policy-Report-Only values | |
| X-Content-Security-Policy-Report-Only | default-src self *.ihe-europe.net; script-src self unsafe-eval unsafe-inline ; style-src self unsafe-inline ; | https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy |
| sql_injection_filter_switch | true | Enable sql injection filtering |
| gazelle_test-managment-url | https://server_domain:8080/gazelle/rest/ | points to gazelle test managment rest interface |
| application_documentation | https://gazelle.ihe.net/content/assertion-manager | |
| documentation_url | https://gazelle.ihe.net/content/assertion-manager | |
| application_release_notes_url | https://gazelle.ihe.net/jira/browse/AS#selectedTab=com.atlassian.jira.plugin.system.project%3Achangelog-panel | |
| application_issue_tracker_url | https://gazelle.ihe.net/browse/EVSCLT | URL of the project in the issue tracking system |
To insert values with a sql script, connect to the database
su postgres
psql assertion-manager-gui
Then copy paste the folowing script:
SET statement\_timeout = 0;
SET lock\_timeout = 0;
SET client\_encoding = 'UTF8';
SET standard\_conforming\_strings = on;
SET check\_function\_bodies = false;
SET client\_min\_messages = warning;
SET search\_path = public, pg\_catalog;
SET default\_tablespace = '';
SET default\_with\_oids = false;
--
-- Name: app\_configuration; Type: TABLE; Schema: public; Owner: gazelle; Tablespace:
--
CREATE TABLE app\_configuration (
id integer NOT NULL,
value character varying(255),
variable character varying(255)
);
ALTER TABLE public.app\_configuration OWNER TO gazelle;
--
-- Name: app\_configuration\_pkey; Type: CONSTRAINT; Schema: public; Owner: gazelle; Tablespace:
--
ALTER TABLE ONLY app\_configuration
ADD CONSTRAINT app\_configuration\_pkey PRIMARY KEY (id);
--
-- Name: variable\_unique; Type: CONSTRAINT; Schema: public; Owner: gazelle; Tablespace:
--
ALTER TABLE ONLY app\_configuration
ADD CONSTRAINT variable\_unique UNIQUE (variable);
--
-- Data for Name: app\_configuration; Type: TABLE DATA; Schema: public; Owner: gazelle
--
INSERT INTO app\_configuration VALUES (1, 'false', 'ip\_login');
INSERT INTO app\_configuration VALUES (2, '.\*', 'ip\_login\_admin');
INSERT INTO app\_configuration VALUES (3, '100000000', 'upload\_max\_size');
INSERT INTO app\_configuration VALUES (4, '/testAssertion/assertion', 'assertion\_manager\_rest\_path\_to\_assertion');
INSERT INTO app\_configuration VALUES (5, 'https://server_domain:8080/AssertionManagerGui/rest', 'assertion\_manager\_rest\_url'); --update with your server domain example: https://gazelle.ihe.net/AssertionManagerGui/rest
INSERT INTO app\_configuration VALUES (6, 'true', 'security-policies');
INSERT INTO app\_configuration VALUES (7, 'SAMEORIGIN', 'X-Frame-Options');
INSERT INTO app\_configuration VALUES (8, 'private, no-cache, no-store, must-revalidate, max-age=0', 'Cache-Control');
INSERT INTO app\_configuration VALUES (9, 'max-age=31536000 ; includeSubDomains', 'Strict-Transport-Security');
INSERT INTO app\_configuration VALUES (10, '', 'X-Content-Security-Policy');
INSERT INTO app\_configuration VALUES (11, 'Use X-Content-Security-Policy values', 'X-WebKit-CSP');
INSERT INTO app\_configuration VALUES (12, 'Use X-Content-Security-Policy-Report-Only values', 'X-WebKit-CSP-Report-Only');
INSERT INTO app\_configuration VALUES (13, 'default-src self \*.ihe-europe.net; script-src self unsafe-eval unsafe-inline ; style-src self unsafe-inline ;', 'X-Content-Security-Policy-Report-Only');
INSERT INTO app\_configuration VALUES (14, 'true', 'sql\_injection\_filter\_switch');
INSERT INTO app\_configuration VALUES (15, 'https://server_domain:8080/AssertionManagerGui', 'application\_url'); --update with your server domain
INSERT INTO app\_configuration VALUES (16, 'false', 'application\_works\_without\_cas');
INSERT INTO app\_configuration VALUES (17, 'https://server_domain:8080/cas', 'cas\_url'); --update with your server domain
INSERT INTO app\_configuration VALUES (18, 'https://server_domain:8080/gazelle/rest/', 'gazelle\_test-managment-url'); --update with your server domain
INSERT INTO app\_configuration VALUES (19, 'https://gazelle.ihe.net/content/assertion-manager', 'application\_documentation');
INSERT INTO app\_configuration VALUES (20, 'https://gazelle.ihe.net/content/assertion-manager', 'documentation\_url');
INSERT INTO app\_configuration VALUES (21, 'https://gazelle.ihe.net/jira/browse/AS\#selectedTab=com.atlassian.jira.plugin.system.project%3Achangelog-panel', 'application\_release\_notes\_url');
Compile
Before compiling, go to the directory gazelle-tm and edit the file pom.xml. Open this file and adapt the properties of profile prod to your case :
- jdbc.connection.url : jdbc:postgresql:assertion-manager-gui
- jdbc.connection.url2 : jdbc:postgresql:assertion-manager
- jdbc.connection.user / jdbc.connection.password : credentials for database access
Then, create the EAR archive with the command line:
cd assertion-manager
mvn install
cd ..
cd assertion-manager-gui
mvn clean package -Pproduction
The archive (EAR) and the distribution file are created and placed into assertion-manager-gui/AssertionManagerGui-ear/target directory.
Deployment
Copy the AssertionManagerGui.ear into the “server/gazelle/deploy” directory of your JBoss server. Finally, start your server.
When the application is deployed, open a browser and go to http://yourserver/AssertionManagerGui.
If the deployment and the database initialization are successful you should see the home page.
