Versions Compared

Old Version 17

changes.mady.by.user Matthew Wagner

Saved on

compared with

New Version Current

changes.mady.by.user Matthew Wagner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
top
top
This topic describes how to set up an XperienCentral installation in a Windows 2008 2012 and 2012 2016 production environment. The result is that all requests for static content (images, style sheets, and so forth) are handled through the web server and requests for dynamic content (XperienCentral’s HTML) are forwarded by the web server to XperienCentral which processes the requests. In this topic, an environment will be created with two host names:

...

Internal host name:  edit.mywebsite.com


In This Topic

Table of Contents
maxLevel2

 


...

The Directory Structure

After installing XperienCentral, a directory structure is created. You are free to choose your own structure, but GX Software recommends the following: 


<XperienCentral-root>\configuration Contains configuration.xml
                     \deployContains the WM deploy (.war file)
                     Contains the unpacked WM deploy
                     \streaming Website downloads
                     \system System files
                     \work\deploy Directory for deploying plugins
                           \edition-bundlesContains the plugins
                           \jcrContains the JCR config and index
                           \osgiContains the cache for OSGI bundles
                     \wwwroot\mywebsite\cfgFlash elements configuration
                                       \wm
XperienCentral files

...

 



Note

You can create all or part of this directory structure before starting the entire installation process. Create the directories marked with before starting the installation. The others will be created later in this topic.

 


Back to top

 


...

Java Development Kit and Apache Maven

To use Tomcat, Java has to be installed. The Java Development Kit has to be installed before installing XperienCentral. The version made available by Oracle is used which is not the same version that comes with some Microsoft products. Use at least Java version 8 (official support for Java 7 ended in April 2015)11.

To install XperienCentral, Apache Maven is required. Apache Maven is used to build XperienCentral based on the system-specific settings in the settings.xml. Download the Maven ZIP file from http://archivemaven.apache.org/dist/maven/binaries/. Download   Download the latest release of version 3.36.xx (do not use the 4.x.xx versions of Maven). Unzip the ZIP-file into D:\Program Files\. After unzipping, Maven will be installed in:

<drive>:\Program Files\apache-maven-3.36.xx

Follow the instructions in the Maven readme.txt for further steps you must perform.


Setting the Environment Variables

A number of environment variables should be set in order to work with the JDK:

  1. Right-click “My Computer” and select “Properties”.
  2. Select the [Advanced] tab.
  3. Click the [Environment Variables] button.
  4. Click the bottom [New] button to create a new JAVA_HOME system variable.
  5. Add the path to the Java 8 JDK bin directory to the Path system variable.
  6. Save and close the System Properties window.

 


Note

If in the "System Properties" window the value is too long, the complete path is not visible. To see the complete values, the path and/or set command can be executed in a Command prompt.

 

 



Back to top 


...

Anchor
install_tomcat_8
install_tomcat_8
Install and Configure Apache Tomcat

...

9.

...

0.

...

50

XperienCentral is written in Java and requires a servlet container to run. Apache Tomcat is such a servlet container in which XperienCentral can operate. XperienCentral has been tested with Apache Tomcat 89.50.1450. Follow the steps in this section to install and configure it. For instructions on installing and configuring Tomcat 7, click here.

 


Note

GX Software highly strongly recommends that if you are doing a clean install of a Tomcat installation that you use version 89.50.1450.

 


Install Tomcat

Download Tomcat 89.50.14 50 from the link available at http://tomcat.apache.org/ (download the Windows Service Installer). Double-click the downloaded file and then follow the wizard to install Tomcat.

Configure Tomcat

After Tomcat is installed, it requires configuration adjustments to make it fit for XperienCentral.

Change the Startup Parameters

To change the startup parameters of Tomcat, double-click the “Monitor Tomcat” icon in the system tray. If the icon is not present, then activate it. In Windows 2008 use the the Start menu:

                Start > All Programs > Apache Tomcat 89.50.14 50 > Monitor Tomcat

In Windows 2012, navigate Navigate to the Start screen and then select “Monitor Tomcat”.

  1. After activating the Monitor, a pop-up appears. Switch to the [Java] tab.
  2. Set “Initial memory pool” to 512 and the “Maximum memory pool” to 1024. These are the recommended defaults. However, if performance is too slow, increasing these values might improve the performance.
  3. Add the following next lines to the “Java Options” input field:

 


Code Block
themeEclipse
-Dsun.rmi.dgc.server.gcInterval=600000
-Dsun.rmi.dgc.client.gcInterval=600000
-Duser.language=en
-Duser.country=US
-XX:+UseConcMarkSweepGC
-Djava.awt.headless=true
-Dwebmanager.clustering.readonly=false
-Dsun.net.inetaddr.ttl=300
-Djavax.xml.transform.TransformerFactory=com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl
-XX:-ReduceInitialCardMarks
-Dorg.apache.jasper.runtime.JspFactoryImpl.USE_POOL=false
-Dwebmanager.clustering.id=x
-Djava.net.preferIPv4Stack=true
-Dfile.encoding=UTF8

...


Disable the User Account Control (UAC) Settings
When the User Account Control (UAC) settings are turned on, Tomcat (and the Tomcat Configuration Utility) will not start properly. There is a difference in how to switch the UAC off between Windows 2012, Windows 2008 and Windows 2008 R2.
Windows 2012
Follow these steps:
  1. Press the Windows key and then click “Control Panel”.
  2. In “Control Panel”, click “System and Security”.
  3. In the “System and Security” window, click “Change User Account Control settings”.
  4. Move the security slider to the bottom (“Never notify”).
  5. Save this setting and restart the Tomcat server or computer.
Windows 2008 R2
  • Click “Start”, and then click “Control Panel”.
  • In “Control Panel”, click “System and Security”.
  • In the “System and Security” window, click “Change User Account Control settings”.
  • Move the security slider to the bottom (“Never notify”).
  • Save this setting and restart the Tomcat server or computer.
Windows 2008
  • Click “Start”, and then click “Control Panel”.
  • In “Control Panel”, click “User Accounts”.
  • In the “User Accounts” window, click “User Accounts”.
  • In the “User Accounts” tasks window, click “Turn User Account Control on or off”.
  • If UAC is currently configured in Admin Approval Mode, the “User Account Control” message appears. Click “Continue”.
  • Clear the “Use User Account Control (UAC) to help protect your computer” check box, and then click “OK”.
  • Click “Restart Now” to apply the change right away
 
Create a New server.xml
The applications Tomcat starts are defined in the server.xml. After installing Tomcat using the installer, Tomcat will not start XperienCentral. Follow the steps below to make sure that Tomcat starts XperienCentral on startup.

Create a New server.xml
The applications Tomcat starts are defined in the server.xml. After installing Tomcat using the installer, Tomcat will not start XperienCentral. Follow the steps below to make sure that Tomcat starts XperienCentral on startup.
  1. Open the file D:\Program Files\Tomcat 8.x.x\conf\server.xml.
  2. Remove all content from the server.xml and replace it with:

     Code Block
    themeEclipse
    <?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
   <GlobalNamingResources>
      <!-- Userdatabase is used to secure admin pages! Make sure path is ok otherwise the admin jsps will not work -->
      <Resource name="WMUserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="XperienCentral user database" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="D:/Program Files/Tomcat 8.5/conf/admin-users.xml" />
   </GlobalNamingResources>
   <Service name="WebManager">
      <Connector port="8009" enableLookups="false" redirectPort="8443" debug="1" protocol="AJP/1.3" URIEncoding="UTF-8" secretRequired="false" connectionTimeout="600000" /
  3. Open the file D:\Program Files\Tomcat 8.5.14\conf\server.xml.
  4. Remove all content from the server.xml and replace it with:
     Code Block
    themeEclipse
    <?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
   <GlobalNamingResources>
      <!-- Userdatabase is used to secure admin pages! Make sure path is ok otherwise the admin jsps will not work -->
      <Resource<Engine name="WMUserDatabaseWebManager" authdefaultHost="Containerlocalhost" type>
         <Realm className="org.apache.catalina.UserDatabase" description="XperienCentral user database" factoryrealm.LockOutRealm" >
            <Realm className="org.apache.catalina.usersrealm.MemoryUserDatabaseFactoryUserDatabaseRealm" pathnameresourceName="WMUserDatabase"D:/Program Files/Tomcat 8.5/conf/admin-users.xml" />
/>
         </GlobalNamingResources>Realm>
   <Service name="WebManager">
     <Host <Connector portname="localhost" unpackWARs="8009true" enableLookupsautoDeploy="false" redirectPortdeployOnStartup="8443false" debugappBase="1" protocol="AJP/1.3" URIEncoding="UTF-8" connectionTimeout="600000"/D:/XperienCentral/deploy">
      <Engine name="WebManager" defaultHost="localhost">
     <Valve    <Realm className="org.apache.catalina.realmauthenticator.LockOutRealmSingleSignOn" />
            <Realm<Context className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="WMUserDatabase"/>
   path="/web" docBase="webmanager-backend-webapp-1.0-SNAPSHOT.war">
      </Realm>
      <Valve   <Host nameclassName="localhostorg.apache.catalina.authenticator.DigestAuthenticator" unpackWARscache="true" autoDeploy="false" deployOnStartup="false" appBase="D:/XperienCentral/deploy">
            <Valve<Resource classNamename="org.apache.catalina.authenticator.SingleSignOn"/>
            <Context path="/web" docBase="webmanager-backend-webapp-1.0-SNAPSHOT.war">
            <Valve className="org.apache.catalina.authenticator.DigestAuthenticator" cache="true" />
            <Resource name="jdbc/WebManagerDb" auth="Container" type="javax.sql.DataSource" username="sa" password="admin" driverClassName="net.sourceforge.jtds.jdbc.Driver" url="jdbc:jtds:sqlserver://localhost:1433/webmanagerdb;useLOBs=false" maxTotal="100" maxIdle="10" maxWaitMillis="10000" jdbc/WebManagerDb" auth="Container" type="javax.sql.DataSource" username="sa" password="admin" driverClassName="net.sourceforge.jtds.jdbc.Driver" url="jdbc:jtds:sqlserver://localhost:1433/webmanagerdb;useLOBs=false" maxTotal="100" maxIdle="10" maxWaitMillis="10000" testWhileIdle="true" timeBetweenEvictionRunsMillis="900000" removeAbandonedOnBorrow="false" removeAbandonedOnMaintenance="false" removeAbandonedTimeout="30" logAbandoned="true" validationQuery="select 1" />
            </Context> 
         </Host> 
      </Engine>
   </Service> 
</Server>  


Create a New admin-users.xml
For debugging purposes, XperienCentral uses the authentication mechanism of Tomcat. The server.xml contains a reference to the admin-users.xml file in which one or more users are defined. Create the file D:\Program Files\Tomcat 89.50.1450\conf\admin-users.xml and add the following lines to it: 

 Code Block
themeEclipse
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
   <role rolename="wmadmin"/>
   <user username="wmadmin_user" password="MyPassword" roles="wmadmin"/>
</tomcat-users>

...

Create a New context.xml
Create the file D:\Program Files\Tomcat 89.50.1450\conf\context.xml and add the following lines to it:
...
 Code Block
themeEclipse
<?xml version='1.0' encoding='utf-8'?>
<Context>
   <WatchedResource>WEB-INF/web.xml</WatchedResource>
   <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" />
</Context>


Avoiding Overly Large Log Files
Using the default Tomcat settings, the log file can quickly fill with messages, (information, warning, and error) not all of which you may need to track. GX recommends adjusting the logging.properties file in Tomcat to reduce the number of messages that are logged. Proceed as follows:
  1. Open the D:\Program Files\Tomcat 89.50.1450\conf\logging.properties file.
  2. At the end of the file, add these lines:
...
 Code Block
themeEclipse
nl.gx.level = WARNING
org.apache.felix.level = WARNING
org.apache.jackrabbit.level = WARNING
org.apache.solr.level = WARNING
org.quartz.level = WARNING
org.springframework.level = WARNING
nl.gx.webmanager.startup.level = INFO
# Upgrade bundle logging
nl.gx.webmanager.services.upgrade.impl.level = INFO
#OpenID
org.verisign.joid.level = WARNING


The JDBC Drivers
Obtain a copy of the database driver from the /ext folder of the XperienCentral installation. Copy the driver for your database to the directory D:\Program Files\Tomcat 89.50.1450\lib. Use the following JAR files for the following databases:
  • For MSSQL, copy jtds-x.jar to D:\Program Files\Tomcat 89.50.1450\lib.
  • For MySQL, copy mysql-connector-java-x.jar to D:\Program Files\Tomcat 8.5.14\lib.For Oracle, copy oraclejdbcdriver-x.jar to D:\Program Files\Tomcat 89.50.1450\lib.

    where x in the .jar files above is the version number of the database driver you are using.

    In XperienCentral versions 10.19.1 and earlier, the mysql-connector-java driver was available in the SDK in the /ext and /maven-repository directories. This library has been removed from the 10.20.0 and later SDKs and must be manually downloaded and installed in D:\Program Files\Tomcat 9.0.50\lib.
ISAPI Redirector
After following all the steps in this part, the webserver (IIS) will receive all the requests for the website. If it’s a request for an image, the webserver can handle that request on its own and will return the image. If the request is for a page, IIS will request the page from XperienCentral (running inside Tomcat). The communication between IIS and Tomcat is handled by the ISAPI Redirector. The ISAPI Redirector can be downloaded from the Tomcat website (http://apache.mirror1.spango.com/tomcat/tomcat-connectors/jk/binaries/windows/).
 

 Note
In the code snippets given below, absolute paths are used. Adjust these paths if your folder structure is different.
 

  1. Create the following folder and place the file isapi_redirect.dll in it:

    D:\Program Files\Jakarta Isapi Redirector\bin\

  2. Create the following file:

    D:\Program Files\Jakarta Isapi Redirector\bin\isapi_redirect.properties

  3. Add the following lines to it:


     Code Block
    themeEclipse
    extension_uri=/jakarta/isapi_redirect.dll
log_file= D:\Program Files\Jakarta Isapi Redirector\logs\isapi_redirect.log
# Possible Log levels: debug, info, warn, error or trace log_level=info
worker_file=D:/Program Files/Jakarta Isapi Redirector/conf/workers.properties
worker_mount_file=D:/Program Files/Jakarta Isapi Redirector/conf/uriworkermap.properties



  4. Create the following folder and file:

    D:\Program Files\Jakarta Isapi Redirector\conf\workers.properties

  5. Add the following lines to it:

     Code Block
    themeEclipse
    worker.list=ajp13w
worker.ajp13w.type=ajp13
worker.ajp13w.host=localhost
worker.ajp13w.port=8009
worker.ajp13w.connection_pool_size=250
worker.ajp13w.connection_pool_timeout=600
worker.ajp13w.socket_timeout=600


  6. Create the following file:

    D:\Program Files\Jakarta Isapi Redirector\conf\uriworkermap.properties

  7. Add this line to it:

     Code Block
    themeEclipse
    /web/*=ajp13w

 



Back to top
 
...
...

...
Configure 
...
XperienCentral is written in Java and requires a servlet container to run. Apache Tomcat is such a servlet container in which XperienCentral can operate.
Install Tomcat
Download Tomcat from http://tomcat.apache.org/download-70.cgi (download the Windows Service Installer). Double-click the downloaded file (apache-tomcat-7.0.25.exe for example) and then follow the wizard to install Tomcat.
Configure Tomcat
After Tomcat is installed, it requires configuration adjustments to make it fit for XperienCentral.
Change the Startup Parameters
To change the startup parameters of Tomcat, double-click the “Monitor Tomcat” icon in the system tray. If the icon is not present, then activate it. In Windows 2008 use the the Start menu:
                Start > All Programs > Apache Tomcat 7.0 > Monitor Tomcat
In Windows 2012, navigate to the Start screen and then select “Monitor Tomcat”.
  1. After activating the Monitor, a pop-up appears. Switch to the [Java] tab.
  2. Set “Initial memory pool” to 512 and the “Maximum memory pool” to 1024. These are the recommended defaults. However, if performance is too slow, increasing these values might improve the performance.
  3. Add the following next lines to the “Java Options” input field:
 
 Code Block
themeEclipse
-Dsun.rmi.dgc.server.gcInterval=600000
-Dsun.rmi.dgc.client.gcInterval=600000
-Duser.language=en
-Duser.country=US
-XX:+UseConcMarkSweepGC
-Djava.awt.headless=true
-Dwebmanager.clustering.readonly=false
-Dsun.net.inetaddr.ttl=300
-Djavax.xml.transform.TransformerFactory=com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl
-XX:-ReduceInitialCardMarks
-Dorg.apache.jasper.runtime.JspFactoryImpl.USE_POOL=false
-Dwebmanager.clustering.id=x
-Djava.net.preferIPv4Stack=true
-Dfile.encoding=UTF8

 
Disable the User Account Control (UAC) Settings
When the User Account Control (UAC) settings are turned on, Tomcat (and the Tomcat Configuration Utility) will not start properly. There is a difference in how to switch the UAC off between Windows 2012, Windows 2008 and Windows 2008 R2.
Windows 2012
  • Press the Windows key and then click “Control Panel”.
  • In “Control Panel”, click “System and Security”.
  • In the “System and Security” window, click “Change User Account Control settings”.
  • Move the security slider to the bottom (“Never notify”).
  • Save this setting and restart the Tomcat server or computer.
Windows 2008 R2
  • Click “Start”, and then click “Control Panel”.
  • In “Control Panel”, click “System and Security”.
  • In the “System and Security” window, click “Change User Account Control settings”.
  • Move the security slider to the bottom (“Never notify”).
  • Save this setting and restart the Tomcat server or computer.
Windows 2008
  • Click “Start”, and then click “Control Panel”.
  • In “Control Panel”, click “User Accounts”.
  • In the “User Accounts” window, click “User Accounts”.
  • In the “User Accounts” tasks window, click “Turn User Account Control on or off”.
  • If UAC is currently configured in Admin Approval Mode, the “User Account Control” message appears. Click “Continue”.
  • Clear the “Use User Account Control (UAC) to help protect your computer” check box, and then click “OK”.
  • Click “Restart Now” to apply the change right away
 
Create a New server.xml
The applications Tomcat starts are defined in the server.xml. After installing Tomcat using the installer, Tomcat will not start XperienCentral. Follow the steps below to make sure that Tomcat starts XperienCentral on startup.
...
the Apache PDFBox Cache Directory
XperienCentral uses the Apache PDFBox library for working with PDF documents. In order for the library to function correctly, you need to configure the directory it uses for caching. To do so set the pdfbox.fontcache system property to use the Java tmp directory. Be sure that XperienCentral has sufficient rights to write to the tmp directory.


Back to top

...
Security Enhancements
GX Software constantly performs penetration tests using third parties in order to protect you from the latest security threats. The security tips listed below are frequently updated and added to based on our findings. Please review each tip in order to ensure that your XperienCentral environment is protected from the latest security vulnerabilities.
  • You should install an active virus scanner in the environment where XperienCentral is running. Because files (images, downloads, etc.) can be uploaded to XperienCentral, it is unwise to rely on the client's virus scanner to detect viruses. The installation of the virus scanner is out of scope for the XperienCentral documentation, therefore only this general recommendation is given.

  • To enhance security on a DNS level, a DNSSEC (Domain Name Systems Security Extensions) and a CAA (Certification Authority Authorization) should be configured on the domain of each client's website. This must be configured by the hosting company with whom the domain is registered. Verify that this is activated for the corresponding website domain.

  • The XperienCentral environment (including Tomcat/Apache) should be isolated (from a security and performance perspective) from other software installations if they reside on the same server. This prevents unauthorized access between applications. When using a dedicated (virtual) server for the XperienCentral installation, this requirement is automatically fulfilled. This ensures that no access is given to other applications on the same server as XperienCentral, and if the website goes down because of performance issues, the other application(s) are not affected.

  • When HTTPS is used in an XperienCentral environment, make sure that the Cipher Suites that the server presents to the browser belonging to the SSL protocol has no weak suites available. Weak suites are a security risk and should not be delivered by the server. You can test the Cipher Suite weaknesses in your environment at ssllabs.com. You can view some examples of an Apache configuration for SSL Cipher Suites at https://ssl-config.mozilla.org/. One such example is:
     

     Code Block
    themeEclipse
    # intermediate configuration - tweak to your own needs
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

     
     
  • When HTTPS is used, Expect-CT should be added to the response header in order to optimize the security of the SSL connection. This header forces the browser to check the SSL certificate for Certificate Transparency. If the SSL certificate is not transparent, the browser refuses the connection (the enforce option). Add the following header to your Apache configuration in order to enable Expect-CT headers: 

    Expect-CT: max-age=86400, enforce

  • To prevent the malicious use of browser API functions, you should add the response header Feature-Policy to your Apache configuration. This header sets restrictions on the browser API functions. For example, when the browser on a mobile device receives a header with the option camera 'none' then the camera can't be used on that device. The default setting for this header disables all API functions but can of course be customized. GX Software recommends that you add the following header to your default configuration:


     Code Block
    themeEclipse
    Feature-Policy: vibrate 'none'; geolocation 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; usb 'none'; vibrate 'none'; vr 'none';


    The full list of options can be found at OWASP Feature Policy


Back to top
...
 Code Block
themeEclipse
<Server port="8005" shutdown="SHUTDOWN">
   <GlobalNamingResources>
      <!-- Userdatabase is used to secure admin pages! Make sure path is ok otherwise the admin jsps will not work -->
      <Resource name="WMUserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="XperienCentral user database" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="D:/Program Files/Tomcat 7.0/conf/admin-users.xml" />
   </GlobalNamingResources>
   <Service name="WebManager">
      <Connector port="8009" enableLookups="false" redirectPort="8443" debug="1" protocol="AJP/1.3" URIEncoding="UTF-8" connectionTimeout="600000"/>
      <Engine name="WebManager" defaultHost="localhost">
         <Realm className="org.apache.catalina.realm.LockOutRealm" >
            <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="WMUserDatabase"/>
         </Realm>
         <Host name="localhost" unpackWARs="true" autoDeploy="false" deployOnStartup="false" appBase="D:/GX-WebManager/deploy">
            <Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
            <Context path="/web" docBase="webmanager-backend-webapp-1.0-SNAPSHOT.war">
               <Valve className="org.apache.catalina.authenticator.DigestAuthenticator" cache="true" />
      <Resource name="jdbc/WebManagerDb" auth="Container" type="javax.sql.DataSource" username="sa" password="admin" driverClassName="net.sourceforge.jtds.jdbc.Driver" url="jdbc:jtds:sqlserver://localhost:1433/webmanagerdb;useLOBs=false" maxActive="100" maxIdle="10" maxWait="10000" testWhileIdle="true" timeBetweenEvictionRunsMillis="900000" removeAbandoned="true" removeAbandonedTimeout="30" logAbandoned="true"
            </Context>
         </Host>
      </Engine>
   </Service>
</Server>

Create a New admin-users.xml
For debugging purposes, XperienCentral uses the authentication mechanism of Tomcat. The server.xml contains a reference to the admin-users.xml file in which one or more users are defined. Create the file D:\Program Files\Tomcat 7.0\conf\admin-users.xml and add the following lines to it:
 
 Code Block
themeEclipse
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
   <role rolename="wmadmin"/>
   <user username="wmadmin_user" password="MyPassword" roles="wmadmin"/>
</tomcat-users>

 
Create a New context.xml
Create the file D:\Program Files\Tomcat 7.0\conf\context.xml and add the following lines to it:
 Code Block
themeEclipse
<?xml version='1.0' encoding='utf-8'?>
<Context sessionCookiePath="/">
   <WatchedResource>WEB-INF/web.xml</WatchedResource>
</Context>

Avoiding Overly Large Log Files
Using the default Tomcat settings, the log file can quickly fill with messages, (information, warning, and error) not all of which you may need to track. GX recommends adjusting the logging.properties file in Tomcat to reduce the number of messages that are logged. Proceed as follows:
  1. Open the D:\Program Files\Tomcat 7.0\conf\logging.properties file.
  2. At the end of the file, add these lines:
 Code Block
themeEclipse
nl.gx.level = WARNING
org.apache.felix.level = WARNING
org.apache.jackrabbit.level = WARNING
org.apache.solr.level = WARNING
org.quartz.level = WARNING
org.springframework.level = WARNING
nl.gx.webmanager.startup.level = INFO
# Upgrade bundle logging
nl.gx.webmanager.services.upgrade.impl.level = INFO
#OpenID
org.verisign.joid.level = WARNING

The JDBC Drivers
Obtain a copy of the database driver from the /ext folder of the XperienCentral installation. Copy the driver for your database to the directory D:\Program Files\Tomcat 7.0\lib. Use the following JAR files for the following databases:
  • For MSSQL, copy jtds-1.3.1.jar to D:\Program Files\Tomcat 7.0\lib.
  • For MySQL, copy mysql-connector-java-5.1.19.jar to D:\Program Files\Tomcat 7.0\lib.
  • For Oracle, copy oraclejdbcdriver-12.1.0.2.jar to D:\Program Files\Tomcat 7.0\lib.
ISAPI Redirector
After following all the steps in this part, the webserver (IIS) will receive all the requests for the website. If it’s a request for an image, the webserver can handle that request on its own and will return the image. If the request is for a page, IIS will request the page from XperienCentral (running inside Tomcat). The communication between IIS and Tomcat is handled by the ISAPI Redirector. The ISAPI Redirector can be downloaded from the Tomcat website (http://apache.mirror1.spango.com/tomcat/tomcat-connectors/jk/binaries/windows/).
 
 Note
In the code snippets given below, absolute paths are used. Adjust these paths if your folder structure is different.
 
...
 Code Block
themeEclipse
extension_uri=/jakarta/isapi_redirect.dll
log_file= D:\Program Files\Jakarta Isapi Redirector\logs\isapi_redirect.log
# Possible Log levels: debug, info, warn, error or trace log_level=info
worker_file=D:/Program Files/Jakarta Isapi Redirector/conf/workers.properties
worker_mount_file=D:/Program Files/Jakarta Isapi Redirector/conf/uriworkermap.properties

...
 Code Block
themeEclipse
worker.list=ajp13w
worker.ajp13w.type=ajp13
worker.ajp13w.host=localhost
worker.ajp13w.port=8009
worker.ajp13w.connection_pool_size=250
worker.ajp13w.connection_pool_timeout=600
worker.ajp13w.socket_timeout=600

...
 Code Block
themeEclipse
/web/*=ajp13w

 
Back to top
Configure the Apache PDFBox Cache Directory
XperienCentral uses the Apache PDFBox library for working with PDF documents. In order for the library to function correctly, you need to configure the directory it uses for caching. To do so set the pdfbox.fontcache system property to use the Java tmp directory. Be sure that XperienCentral has sufficient rights to write to the tmp directory.
 
Back to top