Metacat

Configuring Metacat

===================

When Metacat (Tomcat) is started, the Metacat servlet checks to see if it is

configured. If not, Metacat will automatically send you to the configuration

pages.

attention to the configuration values. If you have upgraded Metacat, and the

previous version is 1.9.0 or later, Metacat will pull existing configuration

settings from a backup location. You should still verify that the values are

correct.

Where <your_context_url> is the URL of the server hosting the Metacat followed

by the name of the WAR file (i.e., the application context) that you installed.

For instance, the context URL for the KNB Metacat is: http://knb.ecoinformatics.org/knb

You can always open the configuration screen from within Metacat by typing::

  http://<your_context_url>/admin

Initial Configuration

---------------------

Before you can log in to the Metacat and configure it, you are required to

confirm Metacat's back-up location and authentication configuration (if not

already configured). Metacat will automatically attempt to locate an existing

back-up directory, but you may need to correct the value or specify a directory

(if the installation is new, or if Metacat was unable to determine the location

of an existing back-up directory). The authentication configuration is required

for logging in to the Metacat and for defining administrative accounts.

are included at the end of this section.

Back-up Configuration

~~~~~~~~~~~~~~~~~~~~~

does not know where this external directory is, Metacat uses a discovery

algorithm to locate it. If Metacat cannot identify a backup directory, you will

see the Backup Directory Configuration screen.

  If the metacat.properties file has many custom settings, it should be manually

  backed up before any Metacat upgrade as deploying a new Metacat war file will overwrite

  the existing file.

   :align: center

   Configuring the Backup Directory.

Authentication Configuration

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Whether you are installing or upgrading the Metacat servlet, you will

automatically be sent to the Authentication Configuration page. You can also

reach the Authentication Configuration page from a running Metacat by typing::

  http://<your_context_url>/admin

or set up your own LDAP server. You also can define your own authentication mechanism by creating a Java

class that implements ``AuthInterface``.

Required configuration values for the password file authentication are:

    Authentication Class

    Metacat Administrators

    Users Management URL

    Password File Path.

  ::

    Authentication Class

    Metacat Administrators

    Users Management URL

    Authentication URL

    Authentication Secure URL.

Administrators field (e.g., uid=daigle,o=nceas,dc=ecoinformatics,dc=org). You

accounts can be entered, separated by the colon (:) character.

  To create an account on the password file, please see the section called :doc:`authinterface`.

  To create an LDAP account on the KNB LDAP server (specified as the default LDAP server),

  go to https://identity.nceas.ucsb.edu and select the "create a new user account" link.

If you make changes to the authentication settings, you must restart Tomcat to

put them into effect.

   :align: center

   Configuring Password File Authentication Values.

Changing Authentication Configuration without Authentication

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

If you need to change or add authentication information and cannot authenticate

using the existing authentication settings (e.g., the existing Metacat

administrator is no longer available or you forgot the administrator password),

you must edit the Metacat configuration file by hand. This ensures that only a

person who has access to the Metacat server and the configuration files on that

server will be able to change the administrator accounts.

To edit the authentication configuration file:

1. Stop Tomcat and edit the Metacat properties (``metacat.properties``) file in the

   Metacat context directory inside the Tomcat application directory. The

  ::

    <tomcat_app_dir>/<context_dir>/WEB-INF/metacat.properties

2. Change the following properties appropriately:

  ::

    auth.administrators - a colon separated list of administrators

    auth.url - the authentication server URL

    auth.surl - the authentication secure server URL

3. Save the ``metacat.properties`` file and start Tomcat.

Logging in to Metacat

---------------------

In order to configure Metacat, you must log in with an administrative account

that has been configured in the Authentication Configuration settings. If you

did not set up the correct administrative user there, you must change the

authentication configuration by hand before you can log in.

In the log-in screen enter your user name and password and click

the "Login" button.

   Logging into Metacat.

Required Configuration

----------------------

All required Metacat settings can be accessed from the Metacat Configuration

utility, which becomes available after the initial configurations

have been specified and an authorized administrator logs in.

.. figure:: images/screenshots/image017.png

   :align: center

   Metacat configuration menu, showing each configuration section.  Once all

   sections are marked as green ``configured``, metacat can be accessed.

The configuration settings are grouped into five sections (Metacat Global

Installation/Upgrade, Geoserver, DataONE, and Replication Configuration),

each of which is listed with its current status (see table).

==============  =============================================================

Status          Description

==============  =============================================================

configured      The section has been configured.

bypassed        The administrator

To the right of each configuration section is one of the following options:

Configure Now, Reconfigure Now, Configure Global Properties First, or

Version:X.X.X. If the option is linked (e.g., Configure Now or Reconfigure Now),

If the option is not linked (e.g., Configure Global

are set. Once the global properties are configured, the option to configure this

section becomes available. The Version:X.X.X option is used only for the

Database Installation/Upgrade section. If the database schema version detected

by Metacat matches the application version (eg, 1.9.0), then no further database

configuration is required.

All settings must be in a configured or bypassed state in order to run Metacat.

For new installations or upgrades, click the "go to metacat" link that appears

after configuration is complete to go directly to Metacat. Note that Metacat

indexes at start-up time, so the initial start-up may take some time depending

If you are reconfiguring a running

take effect.

   :align: center

   The Metacat settings as they appear after having been configured.

Global Properties (server, ports, etc)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Metacat configurations included under Global Properties represent the bulk

of the settings required to run Metacat. Click a blue question-mark

icon beside any setting for detailed instructions. More information about each

property is also included in the :doc:`metacat-properties`.

.. figure:: images/screenshots/image021.png

   :align: center

   The Metacat Global Properties editing screen.

When you save global properties, Metacat also saves a back-up file that is

located in ``/var/metacat/.metacat`` (on Linux) or

``C:\Program Files\metacat\.metacat`` (on Windows). When you update Metacat,

the system automatically locates the back-up file so you do not have to re-enter

the configuration settings.

The first time you install Metacat, the system attempts to automatically detect

the values for a number of settings (see table). It is important to ensure that

these values are correct.

================  ============================================================

Property          Description

================  ============================================================

Metacat Context   The name of the deployed Metacat WAR file (minus the .war

HTTP SSL Port     The secure port where Metacat will be available.

Deploy Location   The directory where the application is deployed.

================  ============================================================

Authentication Configuration

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Because you must specify the Authentication settings before you can access the

main configuration page, the settings will always be configured when you view

them in the admin interface. If you wish to change the authentication settings,

you must restart Metacat to put the changes into effect. For more information

about the Authentication configurations, please see Initial Configurations.

~~~~~~~~~~~~~~~~~~~

MetacatUI themes, however as of Version 2.2.0, skins have been deprecated.

Use MetacatUI themes instead. Themes can be deployed separately from the

Metacat server allowing easier independent user interface customization.

MetacatUI Themes

................

Themes are applied in the Skins Configuration section. If you have installed

the optional Registry, which provides a web interface for creating, editing,

and submitting content to Metacat, you can also choose which form fields

``metacatui`` default configuration.

``Make metacatui default`` radio button. Metacat will open a list of options

that apply to the Registry interface. For more information about creating

.. figure:: images/screenshots/image070.png

   :align: center

   Configuring Metacat themes.

Skins

................

.. deprecated:2.2.0

   Use themes instead

to your customized skin or and click the ``Make <skin_name> default`` radio button.

If you do not have a custom skin, select the ``default`` skin.

interface. For more information about creating skins, see the Creating a Custom Skin

   :align: center

   Configuring Metacat skins.

select the ``default`` skin. Once you have selected a skin, Metacat will open

a list of options that apply to the Registry interface.

Select the lists and modules that you would like to appear in the Registry

form-interface by checking the box beside each. When you save the configuration,

the customized interface will appear to site visitors.

Database Configuration

~~~~~~~~~~~~~~~~~~~~~~

Because the Database Configuration is dependent on values specified in the

been saved, Metacat automatically detects the database schema version and

upgrades it if necessary (and with your permission).

* New Installation

* Upgrade

New Installation

................

If Metacat determines that your database is new, the Database Install/Upgrade

utility lists the SQL scripts that will run in order to create a database

schema for the new version of Metacat.

.. figure:: images/screenshots/image027.png

   :align: center

   Database installation creates tables needed for Metacat.

If the database is not new, or if you have any questions about whether it is

new or not, choose Cancel and contact support at knb-help@nceas.ucsb.edu.

When you choose Continue, Metacat runs the listed scripts and creates the

database schema.

Upgrade

.......

If Metacat identifies a previous database schema, the Database Install/Upgrade

utility notes the existing version and lists the SQL scripts that will run in

order to update the schema for the new version of Metacat.

If the detected schema version is incorrect, or if you have any questions about

whether it is correct or not, click the Cancel button and contact support at

knb-help@nceas.ucsb.edu.When you choose to continue, Metacat runs the listed

scripts and updates the database schema.

.. figure:: images/screenshots/image029.png

   :align: center

   Upgrading an existing database.

Additional upgrade tasks may also run after the database upgrade is complete.

For systems hosting large amounts of data, these upgrade routines can take time to complete.

It is important to let the process complete before using Metacat otherwise your deployment may become unstable.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  Alternatively, you can change the Geoserver username and password manually by

  directly logging in to the Geoserver. To configure the credentials manually:

  3. Navigate to the Password Change Page.  Enter a new user and password and click Submit.

  4. Click Apply then Save to save your new password.

Metacat comes bundled with a Web Mapping Service called Geoserver, which

converts spatial data into Web-deliverable map images. Geoserver installs with

change the default credentials so that only local administrators can make

changes to your Geoserver.* For more information about Geoserver,

When you choose the Geoserver Configuration link from the main configuration

installation. The data directory and context settings allow Geoserver and

Metacat to share the same spatial data store and render maps within Metacat skins.

The security configuration prompts for a new admin password. After you enter

the new settings, Metacat writes the information to the Geoserver deployment.

but if you wish to skip the Geoserver configuration, click the Bypass button.

Geoserver (if deployed) will remain with a default configuration and the main

Metacat configuration screen will display the "bypassed" status beside the

Geoserver settings. You will be able to run Metacat, but maps will not be

rendered.

.. figure:: images/screenshots/image031.png

   :align: center

~~~~~~~~~~~~~~~~~~~~~

Metacat can be configured to operate as a Member Node within the DataONE

federation of data repositories.  See :doc:`dataone` for background and details

on DataONE and details about configuring Metacat to act as a DataONE Member Node.

Replication Configuration

~~~~~~~~~~~~~~~~~~~~~~~~~

Metacat can be configured to replicate its metadata and/or data content to another

Metacat instance for backup and redundancy purposes, as well as to share data across

sites.  This feature has been used to create the Knowledge Network for Biocomplexity

(KNB), as well as other networks.  See :doc:`replication` for details on

the replication system and how to configure Metacat to replicate with another node.

.. Note::

  Note that much of the functionality provided by the replication subsystem in Metacat

  has now been generalized and standardized by DataONE, so consider utilizing the

  DataONE services for replication as it is a more general and standardized approach

  than this Metacat-specific replication system.  The Metacat replication system

  will be supported for a while longer, but will likely be deprecated in a future

  release in favor of using the DataONE replication approach.

~~~~~~~~~~~~~~~~~~~~~~~~~

Metacat can be configured to assign Digital Object Identifiers (DOIs) to metadata/data objects

through a EZID service. Click a blue question-mark icon beside any setting for detailed instructions.

More information about each property is also included in the :doc:`metacat-properties`.

.. figure:: images/screenshots/image072.png

   :align: center

   Configuring EZID service.

------------------------

The most dynamic Metacat properties are managed and modified with the

form-based Metacat Configuration utility. These configuration properties can

also be accessed directly (along with additional static properties) via

Metacat's property files: ``metacat.properties`` (which contains global

properties, e.g., authorization and database values) and

``<SKIN_NAME>.properties`` (which contains skin-specific properties). Each of

these property files is discussed in more depth in this section.

The ``metacat.properties`` file

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Metacat's ``metacat.properties`` file contains all of Metacat's global

properties, both the dynamic properties, which are managed with the

Configuration utility, as well as the more static properties, which can only

be modified manually in this file. The ``metacat.properties`` file also contains

optional properties that are only relevant when optional Metacat features

(such as the harvester or replication) are enabled. The `

`metacat.properties file`` is found here::

  <CONTEXT_DIR>/WEB_INF/metacat.properties

Where ``<CONTEXT_DIR>`` is the directory in which the Metacat application code

of the Web application directory (e.g., ``/var/lib/tomcat7/webapps/``) and

For information about each property and default or example settings, please

see the :doc:`metacat-properties`. Properties that can only be edited manually

in the metacat.properties file are highlighted in the appendix.

<SKIN_NAME>.properties

~~~~~~~~~~~~~~~~~~~~~~

The ``<SKIN_NAME>.properties`` file contains skin-specific properties

(e.g., template information). For each skin, the skin-specific properties are

found here::

  <CONTEXT_DIR>/style/skins/<SKIN_NAME>/<SKIN_NAME>.properties

Where ``<CONTEXT_DIR>`` is the directory in which the Metacat application code

lives (described above) and ``<SKIN_NAME>`` is the name of the skin

(e.g., ``default`` or ``nceas``).

Additional configuration for Tomcat 7

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

When running Metacat on Tomcat 7, you may get the following

error logging in via the Morpho application: "Fatal error sending data to Metacat: Bad Set_Cookie header:JSESSIONID=...".

In order to fix the issue, modify <Catalina_HOME>/conf/context.xml

(e.g., /var/lib/tomcat7/conf/context.xml) by adding a new attribute - "useHttpOnly" - and set it to false for the "Context" element::

  <Context useHttpOnly="false">

Then restart Tomcat 7.