1. Confirm that the MAP standard system accounts in /home are correctly installed. If not, request that they be installed from ASST, or install them using ISDA System User Setup.
  2. Install OpenSSL, Apache, and SASH Server, according to Apache, SSL, SASH Server Install Instructions for Thalia, Web Services, etc.
  3. Send a request to accounts@MIT.EDU to get a daemon keytab. When it arrives, install it in /home/www/etc/krb as daemon.`hostname -s`.krb5.keytab.
  4. Stop services. 
    /etc/init.d/web stop
  5. Install the Clearspace WAR file.
    1. Download and install the Clearspace WAR file from Trogdor. Create the Clearspace home directory. 
      cd /home/root
scp root@trogdor:/opt/software-repository-tmp/Clearspace/clearspace.war /home/root
cd /home/www/sash-server/servers/clearspace/webapps/
cp /home/root/clearspace.war /home/www/sash-server/servers/clearspace/webapps/
mkdir /home/www/sash-server/servers/clearspace/webapps/clearspace
cd /home/www/sash-server/servers/clearspace/webapps/clearspace
$JAVA_HOME/bin/jar -xvf /home/www/sash-server/servers/clearspace/webapps/clearspace.war
cd /home/www/sash-server/servers/clearspace/webapps/
rm -rf /home/www/sash-server/servers/clearspace/webapps/ROOT
ln -s /home/www/sash-server/servers/clearspace/webapps/clearspace \
   /home/www/sash-server/servers/clearspace/webapps/ROOT
mkdir /home/www/clearspace
chown -R www:www /home/www
    2. Install a database connector from Trogdor. 
      scp root@trogdor:/opt/software-repository-tmp/MySQL/mysql-connector-java-3.0.17-ga.jar \
   /home/www/sash-server/core/common/lib
cd /home/www/sash-server/core/common/lib
chown -R www:www /home/www
    3. Clear the work directory from the clearspace container. 
      cd /home/www/sash-server/servers/clearspace/webapps
rm -rf /home/www/sash-server/servers/clearspace/webapps/work
    4. In $SASHSRV_HOME/servers/clearspace/conf/sashsrv.conf, set the Java memory limits. 
      JAVA_OPTS="-XX:MaxPermSize=128m \-Xmx768m"
    5. In the AJP Connector block in server.xml, disable Tomcat authentication. 
      request.tomcatAuthentication="false" address="127.0.0.1"
    6. Start services. Monitor the SASH processes with top. When CPU utilization drops, point a browser at the server's URL. Begin the config process.
      1. Enter the Jive home directory, /home/www/clearspace, and press continue.
      2. Select commercial license, and use the license file on Trogdor, at /opt/software-repository-tmp/Clearspace/cslicense.txt. Validate the license, and continue.
      3. Select "Standard Database Connection" and press continue.
      4. Log into the MySQL replication master, and configure the database on the MySQL replicator. 
        mysql
   create database cspacetest;
   grant all on cspaceitest.* to 'cspaceusr'@'localhost' identified by '*****' with grant option;
   grant all on cspacetest.* to 'cspaceusr'@'localhost.localdomain' identified by '*****' with grant option;
   grant all on cspacetest.* to 'cspaceusr'@'cms-test-tspace1' identified by '*****' with grant option;
   grant all on cspacetest.* to 'cspaceusr'@'cms-test-tspace1.mit.edu' identified by '*****' with grant option;
        • Change the database name to be unique, the hostname to be the hostname of the server clearspace is being installed on, and the password.
      5. Enter the database information in your browser. Test the database connection and continue.
      6. Select the default user settings and continue.
      7. Skip the document sharing step.
      8. Disable Usage Statistics and press continue.
      9. Set the Space Name, email name and address, and mail host options.
      10. Change the admin password, and press continue.
      11. If it reports that setup is now complete, monitor the SASH processes on the server using top. Restart services, and wait for CPU% to drop.
  6. Install Touchstone.
  7. Add the following to the end of the /home/www/shibboleth/etc/shibboleth/apache22.config file to set certain directories to require Shibboleth: 
    <Files *.sso>
SetHandler shib-handler
</Files>

<Location /Shib-gateway>
 AuthType shibboleth
 require shibboleth
  ShibRequireSession On
  require valid-user
</Location>

<Location />
 AuthType shibboleth
 require shibboleth
  ShibRequireSession On
</Location>

<Location /mitLogin.jsp>
 AuthType shibboleth
 require shibboleth
  ShibRequireSession On
require valid-user
</Location>

ScriptAlias /shibenv "/home/www/apache-2.2.4/cgi-bin/shibenv.pl"
<Location /shibenv>
  AuthType shibboleth
  ShibRequireSession On
  require valid-user
</Location>
    • Then restart services.

8.   Log into the admin web interface for Clearspace, and go to System --> System Properties

9.    Set the jive.auth.disallowGuest property to false

  • No labels