1
|
<!--
|
2
|
* '$RCSfile$'
|
3
|
* Purpose: web page describing the installation of Metacat
|
4
|
* Copyright: 2008 Regents of the University of California and the
|
5
|
* National Center for Ecological Analysis and Synthesis
|
6
|
* Authors: Chad Berkley
|
7
|
*
|
8
|
* '$Author: daigle $'
|
9
|
* '$Date: 2008-11-17 11:11:02 -0800 (Mon, 17 Nov 2008) $'
|
10
|
* '$Revision: 4565 $'
|
11
|
*
|
12
|
*
|
13
|
-->
|
14
|
|
15
|
<!DOCTYPE html PUBLIC "-//W3C//DTD html 4.0//EN">
|
16
|
<html>
|
17
|
|
18
|
<head>
|
19
|
<title>Metacat Configuration Instructions</title>
|
20
|
<link rel="stylesheet" type="text/css" href="./common.css">
|
21
|
<link rel="stylesheet" type="text/css" href="./default.css">
|
22
|
</head>
|
23
|
|
24
|
<body>
|
25
|
|
26
|
<table class="tabledefault" width="100%">
|
27
|
<tr><td rowspan="2"><img src="./images/KNBLogo.gif"></td>
|
28
|
<td colspan="7">
|
29
|
<div class="title">Metacat Configuration</div>
|
30
|
</td>
|
31
|
</tr>
|
32
|
<tr>
|
33
|
<td><a href="/" class="toollink"> KNB Home </a></td>
|
34
|
<td><a href="/data.html" class="toollink"> Data </a></td>
|
35
|
<td><a href="/people.html" class="toollink"> People </a></td>
|
36
|
<td><a href="/informatics" class="toollink"> Informatics </a></td>
|
37
|
<td><a href="/biodiversity" class="toollink"> Biocomplexity </a></td>
|
38
|
<td><a href="/education" class="toollink"> Education </a></td>
|
39
|
<td><a href="/software" class="toollink"> Software </a></td>
|
40
|
</tr>
|
41
|
</table>
|
42
|
<hr>
|
43
|
|
44
|
<div class="header1">Table of Contents</div>
|
45
|
<div class="toc">
|
46
|
<div class="toc1"><a href="#Overview">Overview</a></div>
|
47
|
<div class="toc2"><a href="#MetacatConfiguration">Metacat Configuration</a></div>
|
48
|
<div class="toc2"><a href="#ConfigurationRules">Configuration Rules</a></div>
|
49
|
<div class="toc1"><a href="#LdapConfig">LDAP Configuration</a></div>
|
50
|
<div class="toc2"><a href="#LdapOverview">LDAP Overview</a></div>
|
51
|
<div class="toc2"><a href="#GetToLdapConfig">Getting to the LDAP Configuration</a></div>
|
52
|
<div class="toc2"><a href="#ConfigLdapNoAuth">Changing LDAP Configuration Without Authentication</a></div>
|
53
|
<div class="toc1"><a href="#AdminLogin">Admin Log In</a></div>
|
54
|
<div class="toc2"><a href="#AdminLoginOverview">Admin Log In</a></div>
|
55
|
<div class="toc2"><a href="#LoggingIn">Logging In</a></div>
|
56
|
<div class="toc1"><a href="#MainConfig">Main Configuration Page</a></div>
|
57
|
<div class="toc2"><a href="#MainConfigOverview">Main Configuration Overview</a></div>
|
58
|
<div class="toc1"><a href="#GlobalConfig">Global Properties Configuration</a></div>
|
59
|
<div class="toc2"><a href="#GlobalConfigOverview">Global Properties Overview</a></div>
|
60
|
<div class="toc2"><a href="#AutoDetection">Property Auto-Detection</a></div>
|
61
|
<div class="toc2"><a href="#GlobalConfigBackup">Global Property Backup</a></div>
|
62
|
<div class="toc1"><a href="#SkinsConfig">Skins Configuration</a></div>
|
63
|
<div class="toc2"><a href="#SkinsConfigOverview">Skins Overview</a></div>
|
64
|
<div class="toc2"><a href="#ChoosingDefaultSkin">Choosing a Default Skin</a></div>
|
65
|
<div class="toc2"><a href="#ConfigOnlineRegistry">Configuring Online Registry</a></div>
|
66
|
<div class="toc1"><a href="#DatabaseConfig">Database Configuration</a></div>
|
67
|
<div class="toc2"><a href="#DatabaseConfigOverview">Database Configuration Overview</a></div>
|
68
|
<div class="toc2"><a href="#DatabaseNewInstall">New Database Installation</a></div>
|
69
|
<div class="toc2"><a href="#DatabaseUpgrade">Database Upgrade</a></div>
|
70
|
<div class="toc1"><a href="#GeoserverConfig">Geoserver Configuration</a></div>
|
71
|
<div class="toc2"><a href="#GeoserverUpdatePassword">Geoserver Password Update</a></div>
|
72
|
<div class="toc2"><a href="#GeoserverManualUpdate">Geoserver Manual Update</a></div>
|
73
|
<div class="toc1"><a href="#CompleteConfig">Complete the Metacat Configuration</a></div>
|
74
|
</div>
|
75
|
|
76
|
<a name="Overview"></a><div class="header1">Overview</div>
|
77
|
<a name="MetacatConfiguration"></a><div class="header2">Metacat Configuration</div>
|
78
|
<p>As of version 1.9.0, Metacat configuration is done internally by the application. When
|
79
|
Metacat (Tomcat) is started, it will check to see if it is configured. If not, you will be
|
80
|
automatically sent to the configuration pages. </p>
|
81
|
|
82
|
<p>If the installation is new, or the previous version is before 1.9.0, you will
|
83
|
need to pay close attention to the configuration values. If you have upgraded
|
84
|
Metacat, and the previous version is 1.9.0 or later, Metacat will pull existing
|
85
|
values from a backup location. You should still verify that the values are
|
86
|
correct.</p>
|
87
|
|
88
|
<p>Get to Metacat on your server by entering into the browser:</p>
|
89
|
<div class="code">http://<your_context_url></div>
|
90
|
<p>Where <your_context_url> is the url where Metacat will be served followed
|
91
|
by the name of the war file(application context) that you installed. For instance,
|
92
|
the KNB production Metacat url is:</p>
|
93
|
<div class="code">http://knb.ecoinformatics.org/knb</div>
|
94
|
|
95
|
<p>You can always go to the configuration screen from within Metacat by typing:
|
96
|
<div class="code"><your_context_url>/admin</div>
|
97
|
|
98
|
<a name="ConfigurationRules"></a><div class="header2">Configuration Rules</div>
|
99
|
<p>The system will follow these rules in order to determine the order
|
100
|
that the configuration will occur:</p>
|
101
|
|
102
|
<ul>
|
103
|
<li>
|
104
|
Is LDAP Configured? If not, show
|
105
|
<a HREF="metacatconfigure.html#ldap-config">LDAP Configuration Section</a>.
|
106
|
You will need to have LDAP configured in order to define administrative accounts
|
107
|
and authenticate as one of these users via LDAP.
|
108
|
</li>
|
109
|
<li>
|
110
|
Are you logged in as an administrative user? If not, show
|
111
|
<a HREF="metacatconfigure.html#admin-login">Administrator Login Page</a>.
|
112
|
You can only configure Metacat as an administrator.
|
113
|
</li>
|
114
|
<li>
|
115
|
Are main properties, skins or database unconfigured? If so, show
|
116
|
<a HREF="metacatconfigure.html#main-config">Main Configuration Page</a>
|
117
|
Note that you will not be able to select the database configuration utility
|
118
|
until main properties have been configured.
|
119
|
</li>
|
120
|
<li>
|
121
|
Are all sections configured? If so, show
|
122
|
<a HREF="metacatconfigure.html#main-config">Main Configuration Page</a> which
|
123
|
include instructions for going to Metacat server (or restarting Metacat if you
|
124
|
are reconfiguring a running server).
|
125
|
</li>
|
126
|
</ul>
|
127
|
|
128
|
<p> See the following sections for descriptions of how each of these work. For more
|
129
|
information on each field, click on the blue question mark icon to the right.</p>
|
130
|
|
131
|
<a name="LdapConfig"></a><div class="header1">LDAP Configuration</div>
|
132
|
<a name="LdapOverview"></a><div class="header2">LDAP Overview</div>
|
133
|
<p>Metacat uses LDAP as it's primary authentication mechanism. The three main
|
134
|
values needed are LDAP URL, LDAP Secure URL and Metacat Administrators. You need
|
135
|
to verify that the the LDAP URL and LDAP Secure URL are correct (fig 1).
|
136
|
<span class="emphasis">You need to make sure that your LDAP user
|
137
|
account is entered into the MetaCat Administrators field. You will not be allowed
|
138
|
to continue with configuration if this is missing.</span>
|
139
|
|
140
|
<img class="screenshot" src="./images/ldap-config.png"/>
|
141
|
<div class="fig-text"> fig 1 </div>
|
142
|
|
143
|
<a name="GetToLdapConfig"></a><div class="header2">Getting to the LDAP Configuration</div>
|
144
|
<p>You will automatically be sent to the LDAP Configuration page if this is a new
|
145
|
installation or upgrade.</p>
|
146
|
|
147
|
<p>You can also get to the LDAP configuration from a running Metacat by typing:</p>
|
148
|
<div class="code"><your_context_url>/admin</div>
|
149
|
<p>You will be required to log in as an administrator and restart Metacat once you
|
150
|
make changes.</p>
|
151
|
|
152
|
<a name="ConfigLdapNoAuth"></a><div class="header2">Changing LDAP Configuration Without Authentication</div>
|
153
|
<p>There is one exception to the log in rule. That is when you need to change or add
|
154
|
LDAP information, but you can't authenticate using the existing setup. For example:</p>
|
155
|
|
156
|
<ul>
|
157
|
<li>The existing Metacat administrator is no longer available</li>
|
158
|
<li>You forgot the administrator password.</li>
|
159
|
<li>The configured LDAP urls are unavailable and you need to configure new ones.</li>
|
160
|
</ul>
|
161
|
|
162
|
<p>In this case, you will need to edit the Metacat configuration file by hand and
|
163
|
make the changes. This insures that only a person who has access to the Metacat
|
164
|
server and the configuration files on that server will be able to change the
|
165
|
administrator accounts</p>
|
166
|
|
167
|
<p>Stop Tomcat and edit the Metacat properties file at:</p>
|
168
|
<div class="code"><webapp_dir>/<context_dir>/WEB-INF/metacat.properties</div>
|
169
|
<p>where <webapp_dir> is the place that Tomcat looks for applications and
|
170
|
<context_dir> is the name of the Metacat application (usually knb). Change the
|
171
|
following properties appropriately:</p>
|
172
|
|
173
|
<ul>
|
174
|
<li>ldap.administrators - a colon separated list of administrators</li>
|
175
|
<li>ldap.url - the LDAP server url</li>
|
176
|
<li>ldap.surl - the LDAP secure server url</li>
|
177
|
</ul>
|
178
|
|
179
|
<p>Save the metacat.properties file and start Tomcat.</p>
|
180
|
|
181
|
<a name="AdminLogin"></a><div class="header1">Admin Log In</div>
|
182
|
<a name="AdminLoginOverview"></a><div class="header2">Admin Log In Overview</div>
|
183
|
<p>Once LDAP has been configured, you will be required to login as an
|
184
|
administrative user if you haven't already. You will be taken to
|
185
|
the administrator login screen (fig 2). You can also get to the login
|
186
|
screen by choosing the "log in as different user" link at the bottom of
|
187
|
any configuration screen.</p>
|
188
|
|
189
|
<img class="screenshot" src="./images/admin-login.png"/>
|
190
|
<div class="fig-text"> fig 2 </div>
|
191
|
|
192
|
<a name="LoggingIn"></a><div class="header2">Logging In</div>
|
193
|
<p>You need to log in with an account that was configured as an administrative
|
194
|
user in the LDAP configuration section. If you did not set up the correct user
|
195
|
there, you will need to go through the
|
196
|
<a href="#ConfigLdapNoAuth">Changing LDAP Configuration Without Authentication</a>
|
197
|
instructions to set up the user.</p>
|
198
|
|
199
|
<p>Enter your user name. This is the uid part of the ldap identifier that you
|
200
|
entered in LDAP configuration. Select your organization, enter your password and
|
201
|
hit enter. You should successfully log in.</p>
|
202
|
|
203
|
<a name="MainConfig"></a><div class="header1">Main Configuration Page</div>
|
204
|
<a name="MainConfigOverview"></a><div class="header2">Main Configuration Overview</div>
|
205
|
<p>The main configuration screen acts as a gateway into individual configuration
|
206
|
sections (fig 3). You should see that the LDAP is already configured.</p>
|
207
|
|
208
|
<p>Each section is listed with a status to the left which can be one of:</p>
|
209
|
<ul>
|
210
|
<li><font color="red">[unconfigured]</font> - the section has yet to be configured</li>
|
211
|
<li><font color="green">[configured]</font> - the section has been configured</li>
|
212
|
<li>
|
213
|
<font color="green">[bypassed]</font> - this is currently only used for Geoserver
|
214
|
configuration. The administrator can choose not to configure the Geoserver user/password.
|
215
|
In essence, the bypass status acts like the configured status.
|
216
|
</li>
|
217
|
</ul>
|
218
|
|
219
|
<p>To the right of each section is an option which can be one of:
|
220
|
<ul>
|
221
|
<li>Configure Now - click on this link to configure that section</li>
|
222
|
<li>Reconfigure Now - the section was already configured, but you can choose to reconfigure it.</li>
|
223
|
<li>
|
224
|
Configure Global Properties First - this section has a dependency on the global
|
225
|
properties section. Once global properties is configured, the option to configure
|
226
|
this section should become available.
|
227
|
</li>
|
228
|
<li>Version: X.X.X - this is used for the Database Installation/Upgrade section. The system
|
229
|
detects the database schema version. If that version is the same as the application version,
|
230
|
that version will be displayed (i.e. 1.9.0) and no further database configuration is
|
231
|
required.
|
232
|
</li>
|
233
|
</ul>
|
234
|
|
235
|
<p>All sections must be in a configured or bypassed state in order to run Metacat.</p>
|
236
|
|
237
|
<img class="screenshot" src="./images/main-config.png"/>
|
238
|
<div class="fig-text"> fig 3 </div>
|
239
|
|
240
|
<a name="GlobalConfig"></a><div class="header1">Global Properties Configuration</div>
|
241
|
<a name="GlobalConfigOverview"></a><div class="header2">Global Properties Overview</div>
|
242
|
<p>Metacat global properties are the bulk of the core properties needed to run Metacat
|
243
|
(fig 4). For detailed instructions on setting these properties, refer to the blue
|
244
|
question mark icon to the right of each property. Be sure that each of these are set
|
245
|
appropriately.</p>
|
246
|
|
247
|
<img class="screenshot" src="./images/global-config.png"/>
|
248
|
<div class="fig-text"> fig 4 </div>
|
249
|
|
250
|
<a name="AutoDetection"></a><div class="header2">Property Auto-Detection</div>
|
251
|
<p>The first time you install Metacat, the system will attempt to auto-detect
|
252
|
some values. These are:</p>
|
253
|
|
254
|
<ul>
|
255
|
<li>Metacat Context - Name of the context under which Metacat will run. This is the name
|
256
|
of the Metacat war file that was deployed (minus the .war extension).</li>
|
257
|
<li>Server Name - The DNS name of the server where Metacat will be available, not including
|
258
|
port numbers or the http:// header.</li>
|
259
|
<li>HTTP Port - The non-secure port where Metacat will be available. </li>
|
260
|
<li>HTTP SSL Port - The secure port where Metacat will be available.</li>
|
261
|
<li>Deploy Location - The directory where the application is deployed.</li>
|
262
|
</ul>
|
263
|
|
264
|
<p>You should be extra careful that these were detected correctly.</p>
|
265
|
|
266
|
<a name="GlobalConfigBackup"></a><div class="header2">Global Property Backup</div>
|
267
|
<p>When you save global properties, they are saved in a backup file that is
|
268
|
located in the following directory:</p>
|
269
|
<div class="code">/var/metacat/.metacat</div>
|
270
|
<p>When you update Metacat, the system will look for these backed up properties
|
271
|
so you won't have to re-enter all the information from previous installs.</p>
|
272
|
|
273
|
<a name="SkinsConfig"></a><div class="header1">Skins Configuration</div>
|
274
|
<a name="SkinsConfigOverview"></a><div class="header2">Skins Overview</div>
|
275
|
<p>Metacat allows for a customized look and feel for the Metacat front end and for the
|
276
|
online data registry services. There are two major functions provided by the
|
277
|
skins configuration. The first is to choose which skin will be the default. The
|
278
|
second will be to configure the look and feel of the online data registry pages. For
|
279
|
more information on the online data registry option, refer to the
|
280
|
<a href="./registry_installation.html">Metacat Registry Installation</a> documentation.</p>
|
281
|
|
282
|
<p>Note that if you are not using the online registry, and you don't have a custom skin,
|
283
|
you can just save the default skins configuration and move on to the next configuration
|
284
|
section.</p>
|
285
|
|
286
|
<a name="ChoosingDefaultSkin"></a><div class="header2">Choosing a Default Skin</div>
|
287
|
<p>There are several skins available to choose from in Metacat (fig 5). If you have a
|
288
|
skin that has been developed specifically for your instance of Metacat, you should
|
289
|
select the checkbox next to that skin. When you do, the form will open up with
|
290
|
several options for that skin (fig 6). choose the 'Make "skin_name" default" radio selection.
|
291
|
You should see "(default)" appear next to that skin name. Save the configuration
|
292
|
and that skin will be the one that appears when users visit your Metacat site. Note
|
293
|
that if you do not have a custom skin, you should leave your skin as the "default" skin.</p>
|
294
|
|
295
|
<img class="screenshot" src="./images/skins-config.png"/>
|
296
|
<div class="fig-text"> fig 5 </div>
|
297
|
|
298
|
<a name="ConfigOnlineRegistry"></a><div class="header2">Configuring Online Registry</div>
|
299
|
<p>The online registry code provides a web interface for entering data into Metacat. The
|
300
|
screens are somewhat configurable as far as which fields show up and which are required.
|
301
|
You should select each for which you want to activate the registry and then select the
|
302
|
appropriate fields for that skin.</p>
|
303
|
|
304
|
<img class="screenshot" src="./images/skins-config-2.png"/>
|
305
|
<div class="fig-text"> fig 6 </div>
|
306
|
|
307
|
<a name="DatabaseConfig"></a><div class="header1">Database Configuration</div>
|
308
|
<a name="DatbaseConfigOverview"></a><div class="header2">Database Configuration Overview</div>
|
309
|
<p>Metacat will detect the schema version of your database, and upgrade it if necessary. Once the
|
310
|
global Metacat properties have been configured, the Database Installation/Upgrade link
|
311
|
will become active on the main Metacat configuration page (see fig 3).</p>
|
312
|
|
313
|
<a name="DatabaseNewInstall"></a><div class="header2">New Database Installation</div>
|
314
|
<p>If this is a installation of Metacat, the database install/upgrade utility will
|
315
|
inform you of this (fig 7). It will list the sql scripts that will get run in order
|
316
|
to create a database schema for the version of Metacat that you are installing. If
|
317
|
there is any question as to whether the database is new, you should choose to cancel.
|
318
|
When you choose to continue, the server will run the scripts you saw earlier.</p>
|
319
|
<img class="screenshot" src="./images/database-config.png"/>
|
320
|
<div class="fig-text"> fig 7 </div>
|
321
|
|
322
|
<a name="DatabaseUpgrade"></a><div class="header2">Database Upgrade</div>
|
323
|
<p>If this is an upgrade of Metacat, the database install/upgrade utility will
|
324
|
inform you of the current version of the database (fig 7). It will list the sql scripts
|
325
|
that will get run in order to update the database schema to the upgraded version of
|
326
|
Metacat. If there is any question as to whether the detected database schema version is
|
327
|
correct, you should choose to cancel. When you choose to continue, the server will run
|
328
|
the scripts you saw earlier.</p>
|
329
|
<img class="screenshot" src="./images/database-config-2.png"/>
|
330
|
<div class="fig-text"> fig 8 </div>
|
331
|
|
332
|
<a name="GeoserverConfig"></a><div class="header1">Geoserver Configuration</div>
|
333
|
<a name="GeoserverOverview"></a><div class="header2">Geoserver Configuration Overview</div>
|
334
|
<p>Metacat comes bundled with a Web Mapping Service called Geoserver which
|
335
|
converts spatial data into web-deliverable map images. For more information, see the
|
336
|
<a href="./spatial_option.html">Metacat Spatial Option documentation</a>. Geoserver
|
337
|
installs with a default admin username and password. You should change these so that
|
338
|
only local administrators can make changes to Geoserver.</p>
|
339
|
<a name="GeoserverUpdatePassword"></a><div class="header2">Geoserver Password Update</div>
|
340
|
<p>When you choose the Geoserver Configuration link on the main configuratio page, you
|
341
|
will go to a page that will prompt you for a user name and password (fig 9). When you
|
342
|
enter a user name and password, the metacat server will contact the embedded Geoserver
|
343
|
server and change the login credentails.</p>
|
344
|
<p>You also have the option of choosing "bypass". This will leave Geoserver configured
|
345
|
with the default user name and password. The main configuration screen will show the
|
346
|
bypassed status. The system will interpret the bypassed status the same as the configured
|
347
|
status.</p>
|
348
|
<img class="screenshot" src="./images/geoserver-config.png"/>
|
349
|
<div class="fig-text"> fig 9 </div>
|
350
|
<a name="GeoserverManualUpdate"></a><div class="header2">Geoserver Manual Update</div>
|
351
|
<p>You also have the option of changeing the Geoserver username and password by logging
|
352
|
in directly to the Geoserver. For more information on changing the credentials directly,
|
353
|
refer to the <a href="./geoserver-manual-configure.html">Geoserver Password Change documentation</a>.
|
354
|
Note that once you change the credentails manually, you will not be able to use the
|
355
|
Metacat admin tool to change it again (until a new Metacat Upgrade or installation).
|
356
|
<a name="CompleteConfig"></a><div class="header1">Complete the Metacat Configuration</div>
|
357
|
At this point, all the sections of the main configuration should be in a configured or
|
358
|
bypassed state (fig 10). If you are configuring because of a Metacat install or upgrade,
|
359
|
you will have the option to click on the "go to metacat" link and you should get taken
|
360
|
directly to the running version of Metacat. Note that this may take some time depending
|
361
|
on the amount of data in your database, since Metacat goes through an indexing process
|
362
|
at start-up time.</p>
|
363
|
|
364
|
<p>If you are reconfiguring an already running version of Metacat, you will not have the
|
365
|
option to go directly back to Metacat. You will need to restart the server (Tomcat).</p>
|
366
|
<img class="screenshot" src="./images/main-config-2.png"/>
|
367
|
<div class="fig-text"> fig 10 </div>
|