This information relates to setting up Moves so that it starts and communicates with:

  • The OC4J container that Moves is running on
  • Mitsis Database
  • Maven Command Line
  • Subversion Command Line
  • MIT Maven repository.

It does not cover ongoing maintenance of the applications that Moves builds/deploys, nor maintenance of the containers that Moves deploys applications to. People who might be interested in this section are:

  • Ops folks who need to set up Moves in Development, Test or Production
  • Moves developers, i.e. developers who are maintaining Moves itself and need to stand up a Debug/Build environment.

Truststores and Keystores

The trust store for Moves (serverTrustStore.jks) must include the MIT Certificate Authority. The keystore (moves-test.jks or moves.jks on production) is required to access the roles database.

The difference between how ops deploys a container and how developers deploy a container is restricted to the location of the serverTrustStore and application key store.

Location of the application key store and the server trust store for DEVELOPERS

A copy of the server trust store is located here: serverTrustStore.jks
A copy of the development key store is located here: moves-test.jks
These are valid at the time of writing for developing moves. If they expire, new copies can be obtained from the ops team. Please see your team lead for details.

serverTrustStore.jks and moves-test.jks should be copied to the folder keystores in your home folder.

  • On Windows, this would typically be C:/Users/your-user-name/keystores/
  • On Unix/Linux, this would be /home/your-user-name/keystores.

Location of the application key store and the server trust store for OPS

The standard locations for the truststore and keystore are:

  • Trust Store: ${OC4J installation Directory}/j2ee/home/config/serverTrustStore.jks
  • Key Store: ${OC4J installation Directory}/j2ee/home/config/moves-test.jks (Test/Development) OR ${OC4J installation Directory}/j2ee/home/config/moves.jks (Production).

default-web-site.xml

In your ${OC4J Install Dir}/j2ee/home/config folder, there should be a file called default-web-site.xml, that looks something like this:

Example default-web-site.xml
<?xml version="1.0"?>
<web-site xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/web-site-10_0.xsd"
    port="8888"
    display-name="OC4J 10g (10.1.3) Default Web Site"
    schema-major-version="10"
    schema-minor-version="0" > 
	<default-web-app application="default" name="defaultWebApp" />
	<web-app application="system" name="dms0" root="/dmsoc4j" />
	<web-app application="system" name="dms0" root="/dms0" />
	<web-app application="system" name="JMXSoapAdapter-web" root="/JMXSoapAdapter" />
	<web-app application="default" name="jmsrouter_web" load-on-startup="true" root="/jmsrouter" />
	<web-app application="javasso" name="javasso-web" root="/jsso" />
	<web-app application="ascontrol" name="ascontrol" load-on-startup="true" root="/em" ohs-routing="false" />
	<access-log path="../log/default-web-access.log" split="day" />
</web-site>

(We will not be deploying over HTTPS, since in production HTTPS is handled by an Apache server.)

OC4J datasource

The datasource is configured in ${OC4J installation Directory}/j2ee/home/config/data-sources.xml. On Test and Prod environments the username for the datasource is always ds_gen_moves. Developers should never use this username. Instead, they should use the Oracle username and password given to them by their database administrator.

Example Datasource Configuration
<data-source
    class="com.evermind.sql.DriverManagerDataSource"
    name="OracleDS"
    location="jdbc/MitsisDS"
    xa-location="jdbc/xa/StargateXADS-unused"
    ejb-location="jdbc/OracleDS-unused"
    connection-driver="oracle.jdbc.driver.OracleDriver"
    username="your-oracle-username"
    password="******"
    url="jdbc:oracle:thin:@//earth-vault-2.mit.edu:1523/sundev2"
    inactivity-timeout="30"
/>

Development and Production containers.

  • Development - sky-app-1
  • Production - sea-app-1
    Moves should be configured on a standalone container and NOT ON A CLUSTER. The code is not cluster safe due to scheduling and log file restrictions.

Properties file

A commented properties file is included below. The property file must be copied to ${user.home}/sais-moves-web.properties. For OPS, this is typically /home/oracle/sais-moves-web.properties. For developers on Windows, this is typically C:/Users/your-user-name/sais-moves-web.properties.

sais-moves-web.properties
# The truststore and keystore must be correctly configured in moves.

# The line below is typical for OPS
webservices.trustStore=config/serverTrustStore.jks
# Developers should use
# webservices.trustStore=${user.home}/keystores/serverTrustStore.jks
webservices.trustStorePassword=changeit

# The line below is typical for OPS (on a DEV/TEST server)
webservices.keyStore=config/moves-test.jks
# Developers should use
# webservices.keyStore=${user.home}/keystores/moves-test.jks
webservices.keyStorePassword=changeit

# Since moves uses the roles database, we need to specify a roles 
# web service url and a function category. The following should work.
roles.function.category=APPM
webservices.mitroles.url=https://ws-test.mit.edu/uaws/services/ua

# If you are a developer, you may want to uncomment the following lines. These
# allow you to log in locally, with all roles, instead of using the roles web service.
# Change username and password to whatever you like.
# local.user.name=eotoole
# local.user.password=eotoole
# local.mitroles = MOVES_ADMIN, MOVES_MANAGER, MOVES_DEV, MOVES_QA, MOVES_TEST, MOVES_PROD
# local.authentication = true

# These properties are used to access the maven repository.
mit.maven.repository.username=moves#string
mit.maven.repository.password=dvtlsais

# Moves operates under the assumption that all oc4j containers in an environment type
# WILL HAVE THE SAME ADMINISTRATOR USERNAME AND PASSWORD. 
# Environment Types are Production, QA, Dev etc.
# The username is typically oc4jadmin, but the password is different for each environment type.
# (So all Production containers will have the same username and password, all Test containers 
# will have another password etc). 
# 
# Moves also allows you to create arbitrary environment types.
# So today there exists P (Production), Q (QA), D (Development), but in the future we might add
# U (User acceptance testing) or other environments. Since it was a requirement that these usernames
# exist in the properties file, we use the convention:
# oc4j.deployer.username.[environmentTypeId]=[oc4j username]
# oc4j.deployer.password.[environmentTypeId]=[oc4j password]
#
# See examples below
#
# The moves App allows you to create arbitrary environments. The standard environments are
# P (Production), Q (QA), D (Development). Below we have properties to set the oc4j
# usernames and passwords for these environments. If you add new environments you need
# to add new properties
#
# So for example, if you add a UAT environment (U) you would add
# oc4j.deployer.username.U=[oc4j username]
# oc4j.deployer.password.U=[oc4j password]
#
# OC4J username and password to deploy applications to Dev environments (environmentTypeId=D)
oc4j.deployer.username.D=oc4jadmin
oc4j.deployer.password.D=XXXXXXX
#
# OC4J username and password to deploy applications to QA environments (environmentTypeId=Q)
# oc4j.deployer.username.Q=oc4jadmin
# oc4j.deployer.password.Q=[password]
# OC4J username and password to deploy applications to prod environments (environmentTypeId=P)
# oc4j.deployer.username.P=oc4jadmin
# oc4j.deployer.password.P=[password]

Developer Warning

For local builds, the webservices.trustStore and webservices.keyStore should be modified as outlined in the comments.
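
An added example, not part of the original page or the Moves code base: a small Python audit of a sais-moves-web.properties file. It checks the oc4j.deployer.username/password.[environmentTypeId] convention described in the comments above, flags password properties still set to a default or placeholder value, and reports when local.authentication is enabled. The function names, the placeholder list and the sample input are assumptions made for this example.

```python
import re

# Assumed placeholder list: "changeit" is the Java keystore default; the rest
# are the stand-in values shown in the properties file on this page.
PLACEHOLDERS = {"", "changeit", "xxxxxxx", "[password]", "[oc4j password]"}
DEPLOYER_KEY = re.compile(r"^oc4j\.deployer\.(username|password)\.(\w+)$")

def parse_properties(text):
    """Parse simple key=value lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props

def audit(props, required_env_types=("D",)):
    """Return sorted findings for a parsed sais-moves-web.properties mapping."""
    findings, envs = [], {}  # envs: environmentTypeId -> fields defined for it
    for key in props:
        m = DEPLOYER_KEY.match(key)
        if m:
            envs.setdefault(m.group(2), set()).add(m.group(1))
    for env in sorted(set(envs) | set(required_env_types)):
        for field in sorted({"username", "password"} - envs.get(env, set())):
            findings.append(f"oc4j.deployer.{field}.{env} is missing")
    for key, value in props.items():
        # Covers *Password, *.password and oc4j.deployer.password.[id] keys.
        is_password = key.lower().endswith("password") or ".password." in key
        if is_password and value.lower() in PLACEHOLDERS:
            findings.append(f"{key} is a default or placeholder value")
    # Local login replaces the roles web service; intended for developers only.
    if props.get("local.authentication", "").lower() == "true":
        findings.append("local.authentication is enabled")
    return sorted(findings)

# Constructed sample input (not a real configuration).
SAMPLE = """\
webservices.trustStorePassword=changeit
webservices.keyStorePassword=s3-constructed
oc4j.deployer.username.D=oc4jadmin
oc4j.deployer.password.D=XXXXXXX
oc4j.deployer.username.U=oc4jadmin
local.authentication = true
"""

print("\n".join(audit(parse_properties(SAMPLE), ("D", "Q"))))
```

Pass the environment type IDs that the target container serves as required_env_types, so that a newly added type such as U is reported when its username or password property is absent.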
