CESeCore Setup - CESeCore

cuttlefishblueΔιαχείριση Δεδομένων

16 Δεκ 2012 (πριν από 4 χρόνια και 8 μήνες)

320 εμφανίσεις



Copyright 2009
-
2012 © CESeCore Consortium


Page
1

of
7


CESeCore Setup

Version 1.1.2

Contents

CESeCore Setup

................................
................................
................................
...............

1

1

Checking out CESeCore

................................
................................
............................

2

2 Building and deploying CESeCore
................................
................................
............

3

2.1 Configure CeSecore

................................
................................
............................

3

2.2 Configure CeSecore for back
up/restore

................................
.............................

4

2.3 Configure CeSecore for audit and audit export

................................
..................

4

2.4 Build CeSecore

................................
................................
................................
...

5

2.5 Glassfish

................................
................................
................................
.............

5

2.6 JBoss

................................
................................
................................
...................

6

2.7 Reset datab
ase after running tests

................................
................................
.......

7



CESeCore Setup


Version 1.1.2

Copyright 2009
-
2012 © CESeCore Consortium


Page
2

of
7


1 Checking out CESeCore

Since these are the platforms in
which CESeCore was
tested and
evaluated
,
the
procedures described in this document

assume that the host system is compliant with
the
following
pre
requisites
:

Item

Platform A

Platform B

OS

Red Hat Enterprise Linux v5.5
x86_64 (64bit)

Windows Server 2008 Enterprise with
SP2 x86 (32bit)

JDK

Oracle JDK 1.6.0_27 64 bit

Oracle JDK 1.6.0_23 32 bit

Database

PostgreSQL 9.0.2

MySQL Community Server 5.1.55

MySQL Connector/J 5.1.15

Application
Server

JBoss 5.1.0.GA

Glassfish v2.1.1

HSM

Safenet LunaSA

Firmware version 4.6.8

Utimaco CryptoServer

Firmware version 2.30.2

Build Tool

Ant
v1.8.2

Subversion
client

Subversion client 1.6.6

SlikSVN 1.6.15

Tested Pla
tforms


In order to check out CESeCore,
l
og in to the server (Administrator on windows). Open
a shell/cmd window.

Run subversion command to check out CESeCore.

Commands for checking out the desired version of CESeCore can be found at
releases
.

If cesecore is already checked out, you can simply update instead.

cd cesecore

svn update

Build CESeCore. In order to build CESeCore you need to have the environment
variable APPSRV_HOME set to where your

application server is.

CESeCore Setup


Version 1.1.2

Copyright 2009
-
2012 © CESeCore Consortium


Page
3

of
7


If you use a finished test image, this is already done for you
. If you are installing
yourself set:

On Linux

export APPSRV_HOME=/home/cesecore/glassfish

or

export APPSRV_HOME=/home/cesecore/jboss
-
5.1.0.GA

On Windows you set environment variables in
Control Panel
-
>System
-
>Advanced
system settings
-
>Environment Variables
.

2 Building and deploying CESeCore

2.1 Configure CeSecore

There are a very few configuration options you have to configure, depending on t
he
application server and database used. Open the file
cesecore/src/main/resources/conf/database.properties

and configure the properties for
your application server and database. If
cesecore/src/main/resources/conf/database.properties

does not exist, copy
cesecore/src/main/resources/conf/database.properties.sample

to
cesecore/src/main/resources/conf/database.properties
.

For Glassfish with MySQL you need to configure one setting:

datasource.jndi
-
name
-
prefix = jdbc/

For JBoss with PostgreSQL you need to con
figure a few settings:

database.vendor=postgres

database.name=cesecore

database.username=cesecore

database.password=cesecore

database.driver=org.postgresql.Driver

database.url=jdbc:postgresql://127.0.0.1:5432/

CESeCore Setup


Version 1.1.2

Copyright 2009
-
2012 © CESeCore Consortium


Page
4

of
7


2.2 Configure CeSecore for backup/restore

There are a very few configuration options you have to configure, depending on the
application server and database used. Copy the file file
cesecore/src/main/resources/conf/backup.properties.sample

to
backup.properties

and
configure the properties for your

database.

Linux with Postgres example:

backup.directory=/tmp

backup.database.home=/usr

backup.dbdump.command=${backup.database.home}/bin/pg_dump
-
Fc
-
w
-
h${database.host}
-
U${database.username}
-
b ${database.name}
-
f

backup.dbrestorecommand=${backup.dat
abase.home}/bin/pg_restore
-
c
-
w
-
h${database.host}
-
U${backup.keyword.databasesuperuserid}
-
d${database.name} ${backup.keyword.sourcefile}

backup.dbdump.password.env=PGPASSWORD

Windows with MySQL example:

backup.directory=/

backup.database.home=/Program
Files/MySQL/MySQL Server 5.1

backup.dbdump.command=${backup.database.home}/bin/mysqldump
--
add
-
drop
-
table
-
h${database.host}
--
port=${database.port}
-
u${database.username}
-
p${database.password}
${database.name}
-
r

backup.dbrestorecommand=${backup.database
.home}/bin/mysql
-
h${database.host}
--
port=${database.port}
-
u${backup.keyword.databasesuperuserid}
-
p${backup.keyword.databasesuperuserpassword} ${database.name}
-
e "source
${backup.keyword.sourcefile}"

Also copy the file file
cesecore/src/functionaltests
/resources/conf/backup.test.properties.sample

to
backup.test.properties

and configure the properties for your database.

MySQL example:

backup.database.superuser.username=root

backup.database.superuser.password=foo123

Postgres example:

backup.database.superuser.username=sucesecore

backup.database.superuser.password=sucesecore

2.3 Configure CeSecore for audit and audit export

Configure the file
cesecore/src/main/resources/conf/cesecore.properties

for your
desired audit configuration.

CESeCore Setup


Version 1.1.2

Copyright 2009
-
2012 © CESeCore Consortium


Page
5

of
7


2.
4 Build CeSecore

When you have checked out and configured CeSecore you can build the test EAR JEE
Enterprise Archive) file:

cd cesecore

ant ear.archive

This command will build jar and ear files in the bin directory. The command
will also
run the basic stand alone JUnit tests and produce a report in the bin/reports directory.

If you have errors about "cloverlib.xml not found" during build, this is normal and
nothing to worry about.
Clover

is a tool used during development and QA.

If you also want to run PKCS#11 tests you should run

ant
-
Dtest.includep11=true ear.archive

2.5 Glassfish

Before glassfish can be used, configuration of datasources must be done, as described in
Glassfish
. On the
image

this has already been done.



Open a new terminal window t
o run the Glassfish commands in.

cd

%APPSRV_HOME%
\
bin



Start glassfish

asadmin.bat start
-
domain

(you can now access the Glassfish admin console at
http://localhost:4848/l
ogin.jsf
, login
with admin, adminadmin.)



Deploy CeSecore test ear file.

asadmin.bat deploy
\
Users
\
Administrator
\
cesecore
\
bin
\
cesecore.ear

(note that the exact path to cesecore.ear depends on where your were located when
checking out cesecore in 5.1.1)

CESeCore Setup


Version 1.1.2

Copyright 2009
-
2012 © CESeCore Consortium


Page
6

of
7


I
f you re
-
deploy cesecore you should re
-
start the application server to avoid issues with
security providers and class loaders.



Go back to the CeSecore terminal window and run functional (system) tests

ant test:func

To include PKCS#11 tests run

and
-
Dtest.includep11=true test:func

The command will run the automatic functional system tests and produce a report in the
bin/reports directory.



If you want to undeploy CeSecore you can run the following command in the
Glassfish terminal window:

asadmin.ba
t undeploy cesecore

2.6 JBoss



If JBoss isn't already running and you are not using the test environment (where
JBoss is installed as a service), open a new terminal window to run the JBoss
commands in.

cd $APPSRV_HOME/bin



Start JBoss

./run.sh



Go back to the CeSecore terminal window and deploy the CeSecore test ear file

ant
-
Dskip.test=true harddeploy

If you re
-
deploy cesecore you should re
-
start the application server to avoid issues with
security providers and class loaders.

CESeCore Setup


Version 1.1.2

Copyright 2009
-
2012 © CESeCore Consortium


Page
7

of
7




Run functional (
system) tests, in the CeSecore terminal window

ant test:func

To include PKCS#11 tests run

ant
-
Dtest.includep11=true test:func

The command will run the automatic functional system tests and produce a report in the
bin/reports directory.



If you want to u
ndeploy CeSecore you can delete the file:

$APPSRV_HOME/server/default/deploy/cesecore.ear

2.7 Reset database after running tests

After running tests with test:func, you need to reset the database, i.e. drop the database
and re
-
create it.

2.7.1 MySQL

Open MySQL Administration. On the image the mysql root password is foo123.

mysql>drop database cesecore

mysql>create database cesecore

2.7.2 PostgreSQL

>sudo su
-

postgres

>dropdb cesecore

>createdb cesecore