Overview
Item | Description |
---|---|
Purpose | Provide configuration settings for TDS components |
Communicates With | OpenAM Permissions ART Proctor Teacher Hand-Scoring System TestSpecBank |
Repository Location | https://github.com/SmarterApp/SS_ProgramManagement |
Additional Documentation | Program Management User Guide ProgMan Technical Design API Documentation Design Diagrams Sequence Diagrams |
Instructions
Create AWS MongoDB Instance
- Create server instance to host the MongoDB instance that will support the component being deployed
- Select an image with the Ubuntu 14.04 LTS 64-bit operating system
- Create or choose an AWS security group with the following ports for inbount TCP traffic (can be done during instance creation):
- 22
- 27017 - 27019
- 28017 - 28018
- Remove
apparmor
:sudo /etc/init.d/apparmor stop
sudo update-rc.d -f apparmor remove
sudo apt-get --purge remove -y apparmor apparmor-utils libapparmor-perl libapparmor1
- Update package manager:
sudo apt-get update
sudo apt-get upgrade -y
- Install packages to satisfy dependencies:
sudo apt-get install -y ntp
- Install MongoDB 2.4.9:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list
sudo apt-get update
sudo apt-get install mongodb-10gen=2.4.9
- Pin the version of MongoDB so
apt-get
will not upgrade it:echo "mongodb-10gen hold" | sudo dpkg --set-selections
- Configure MongoDB by copying the following into
/etc/mongodb.conf
: - IMPORTANT: The config file below has
noauth=true
set. This is a temporary configuration to allow for adding MongoDB user accounts. This setting will be changed later in the checklist.
# mongodb.conf
# Where to store the data.
dbpath=/var/lib/mongodb
#where to log
logpath=/var/log/mongodb/mongodb.log
logappend=true
#bind_ip = 127.0.0.1
bind_ip = 0.0.0.0
port = 27017
# Enable journaling, http://www.mongodb.org/display/DOCS/Journaling
journal=true
# Enables periodic logging of CPU utilization and I/O wait
#cpu = true
# Turn on/off security. Off is currently the default
noauth = true
#auth = true
# Verbose logging output.
#verbose = true
# Inspect all client data for validity on receipt (useful for
# developing drivers)
#objcheck = true
# Enable db quota management
#quota = true
# Set oplogging level where n is
# 0=off (default)
# 1=W
# 2=R
# 3=both
# 7=W+some reads
#oplog = 0
# Diagnostic/debugging option
#nocursors = true
# Ignore query hints
#nohints = true
# Disable the HTTP interface (Defaults to localhost:27018).
#nohttpinterface = true
# Turns off server-side scripting. This will result in greatly limited
# functionality
#noscripting = true
# Turns off table scans. Any query that would do a table scan fails.
#notablescan = true
# Disable data file preallocation.
#noprealloc = true
# Specify .ns file size for new databases.
# nssize = <size>
# Accout token for Mongo monitoring server.
#mms-token = <token>
# Server name for Mongo monitoring server.
#mms-name = <server-name>
# Ping interval for Mongo monitoring server.
#mms-interval = <seconds>
# Replication Options
# in replicated mongo databases, specify here whether this is a slave or master
#slave = true
#source = master.example.com
# Slave only: specify a single database to replicate
#only = master.example.com
# or
#master = true
#source = slave.example.com
# Address of a server to pair with.
#pairwith = <server:port>
# Address of arbiter server.
#arbiter = <server:port>
# Automatically resync if slave data is stale
#autoresync
# Custom size for replication operation log.
#oplogSize = <MB>
# Size limit for in-memory storage of op ids.
#opIdMem = <bytes>
- Restart MongoDB:
sudo service mongodb restart
- Add an administrative-level user to MongoDB:
$ mongo admin
db.addUser({
user:"mongo_admin",
pwd:"[choose a suitable password]",
roles:["dbAdminAnyDatabase","userAdminAnyDatabase","clusterAdmin","readWrite"]
});
- Update
/etc/mongodb.conf
to enable authentication:- Comment out the
noauth = true
line - Uncomment the
auth = true
line
- Comment out the
- Example:
# Turn on/off security. Off is currently the default
#noauth = true
auth = true
- Restart MongoDB:
sudo service mongodb restart
- Connect to MongoDB in the admin database:
mongo admin -u mongo_admin -p
[password for the mongo_admin user]--authenticationDatabase admin
- Add a user for the component:
use [name of database];
db.addUser({
user:"[name of user]",
pwd:"[password for user]",
roles:["readWrite"]
});
- Example:
use progman;
db.addUser({
user:"progman",
pwd:"[redacted]",
roles:["readWrite"]
});
Verify User Can Authenticate to MongoDB
- On the AWS instance hosting MongoDB, run the following commands:
mongo admin -u mongo_admin -p '
[The password for the mongo_admin user]' --authenticationDatabase admin
mongo [
component database name] -u
[Component user]-p '
[The password for the component user]'
- If successful, the prompt should appear as follows:
MongoDB shell version: 2.4.9
connecting to: admin
>
Create AWS Web Application Instance
- Create server instance to host the Program Management (ProgMan) component
- Select an image with the Ubuntu 14.04 LTS 64-bit operating system
- Create or choose an AWS security group with the following ports for inbound TCP traffic (can be done during instance creation):
- 22
- 80
- 443
- 1043
- 8080
- 8084
- 8443
ProgMan Setup
- Update package manager:
sudo apt-get update
sudo apt-get upgrade -y
- Install packages to satisfy dependencies:
sudo apt-get install -y ntp mercurial openjdk-7-jdk
Set Up Tomcat Server
- Remove
apparmor
:sudo /etc/init.d/apparmor stop
sudo update-rc.d -f apparmor remove
sudo apt-get --purge remove -y apparmor apparmor-utils libapparmor-perl libapparmor1
- Install Tomcat Server (if not installed already):
sudo apt-get install -y tomcat7
- Stop the Tomcat service:
sudo service tomcat7 stop
- Remove the
ROOT
directory:sudo rm -rf /var/lib/tomcat7/webapps/ROOT
- Update the
server.xml
to allow for large HTTP Headers:- Edit the
/etc/tomcat7/server.xml
file - Find the
<Connector>
element - Add the following attribute and value to the
<Connector>
element:maxHttpHeaderSize="65536"
- Example of an updated
<Connector>
element:
- Edit the
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443"
maxHttpHeaderSize="65536" />
Set Up a Keystore
- Create resources directory and child directories:
sudo mkdir -p /var/lib/tomcat7/resources/{progman,security}
sudo chown -R tomcat7:tomcat7 /var/lib/tomcat7/resources/
- Create the wildcard SSL cert public key (*.sbtds.org):
sudo vi /var/lib/tomcat7/resources/security/sbtds_org.cer
- Copy the certificate contents (including the BEGIN CERTIFICATE and END CERTIFICATE lines) into
/var/lib/tomcat7/resources/security/sbtds_org.cer
- Example:
-----BEGIN CERTIFICATE-----
// This is where the certificate content is
-----END CERTIFICATE-----
- Create the keystore (NOTE: the keystore file must be named samlKeystore.jks):
cd /var/lib/tomcat7
sudo keytool -importcert -alias
[<A meaningful alias]-keystore ./resources/security/samlKeystore.jks -file ./resources/security/
[name of certificate file]- Example:
sudo keytool -importcert -alias
sbtdsorg-keystore ./resources/security/samlKeystore.jks -file ./resources/security/sbtds_org.cer
- provide password
- Type
yes
when prompted to trust the certificate
- Example:
- Generate the private key:
sudo keytool -genkey -alias
[choose a meaningful alias]-keyalg RSA -keystore
[path/to/keystore]-keysize 2048
- Example:
sudo keytool -genkey -alias
proctor-saml-sp-keyalg RSA -keystore ./resources/security/samlKeystore.jks -keysize 2048
- Example:
- Provide the password to the keystore created previously.
- Answer the prompts. Example of the command and prompts shown below:
sudo keytool -genkey -alias progman-saml-sp -keyalg RSA -keystore ./resources/security/samlKeystore.jks -keysize 2048
Enter keystore password:
What is your first and last name?
[Unknown]: ProgMan Component
What is the name of your organizational unit?
[Unknown]: sbac
What is the name of your organization?
[Unknown]: SBAC
What is the name of your City or Locality?
[Unknown]: San Diego
What is the name of your State or Province?
[Unknown]: California
What is the two-letter country code for this unit?
[Unknown]: US
Is CN=ProgMan Component, OU=sbac, O=SBAC, L=San Diego, ST=California, C=US correct?
[no]: yes
Verify Keystore Contents
- To view the keystore contnets, use the following command:
sudo keytool -list -keystore
[path/to/samlKeystore.jks]- Example:
sudo keytool -list -keystore
/var/lib/tomcat7/resources/security/samlKeystore.jks
- Example:
- Output will be similar to the following (after providing the correct password):
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
sbtdsorg, Apr 6, 2016, trustedCertEntry,
Certificate fingerprint (SHA1): D6:06:FA:33:AB:E4:27:26:D5:E1:B2:AB:1E:1D:FF:1E:7E:C0:21:4F
progman-saml-sp, Apr 6, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): 8D:3A:66:1D:0C:7B:0A:40:96:B7:A6:8F:13:27:AB:E8:05:7D:8D:3A
Additional Notes
- Common keystore commands can be found here
Deploy ProgMan Components
Configure Tomcat
- Stop the Tomcat service:
sudo service tomcat7 stop
- Edit the
/etc/default/tomcat7
file, updating theJAVA_OPTS
value to what’s shown below:
JAVA_OPTS="-Djava.awt.headless=true\
-XX:+UseConcMarkSweepGC\
-Xms[initial amount of memory that can be allocated to the JVM heap]\
-Xmx[maximum amount of memory that can be allocated to the JVM heap]\
-XX:PermSize=[initial amount of memory that can be used for PermGen]\
-XX:MaxPermSize=[maximum amount of memory that can be used for PermGen]\
-DSB11_CONFIG_DIR=$CATALINA_BASE/resources\
-Dspring.profiles.active=progman.client.impl.integration,mna.client.null,server.singleinstance"
-
NOTE: If the component being set up will be load-balanced, then change the
server.singleinstance
(for thespring.profiles.active
option) toserver.loadbalanced
. -
Example:
JAVA_OPTS="-Djava.awt.headless=true\
-XX:+UseConcMarkSweepGC\
-Xms512m\
-Xmx2048m\
-XX:PermSize=512m\
-XX:MaxPermSize=1512m\
-DSB11_CONFIG_DIR=$CATALINA_BASE/resources\
-Dspring.profiles.active=mna.client.null,server.singleinstance,progman.client.impl.null,special.role.required"
- Create a directory for the ProgMan log files:
sudo mkdir -p /usr/share/tomcat7/logs/{prog-mgmnt.webapp,prog-mgmnt.rest}
sudo chown -R tomcat7:tomcat7 /usr/share/tomcat7/logs/
- OPTIONAL: Create links in the Tomcat log directory to the REST and Web Application log files:
sudo ln -s /usr/share/tomcat7/logs/prog-mgmnt.webapp/prog-mgmnt.webapp.log /var/lib/tomcat7/logs/webapp.log
sudo ln -s /usr/share/tomcat7/logs/prog-mgmnt.rest/prog-mgmnt.rest.log /var/lib/tomcat7/logs/rest.log
Download REST Component War File
- Download the latest
.war
file for the ProgMan REST Component into the Tomcat server’swebapps
directory:sudo wget https://github.com/SmarterApp/SS_ProgramManagement/releases/download/R01.00.38/prog-mgmnt.rest-R01.00.38.war -O /var/lib/tomcat7/webapps/rest.war
- Create a
rest-endpoints.properties
file in/var/lib/tomcat7/resources/progman
- Copy the following into
/var/lib/tomcat7/resources/progman/rest-endpoints.properties
:
#base URLs for REST endpoints, replace with URLs that work for the server this is being run on
pm.rest.service.endpoint=http://[FQDN or IP Address of ProgMan REST component, defeault port is 8080]/rest
pm.rest.context.root=/rest/
pm.minJs=false
An example of a configured rest-endpoints.properties
:
#base URLs for REST endpoints, replace with URLs that work for the server this is being run on
pm.rest.service.endpoint=http://52.32.255.241:8080/rest
pm.rest.context.root=/rest/
pm.minJs=false
Download ProgMan Web Application Component
- Download the latest
.war
file for the ProgMan Web Application Component into the Tomcat server’swebapps
directory:sudo wget https://github.com/SmarterApp/SS_ProgramManagement/releases/download/R01.00.38/prog-mgmnt.webapp-R01.00.38.war -O /var/lib/tomcat7/webapps/ROOT.war
- Create a
progman-bootstrap.properties
file in/var/lib/tomcat7/resources/progman
- Copy the following into
/var/lib/tomcat7/resources/progman/progman-bootstrap.properties
:
#mna.properties
progman.mna.description="The Program Management Component ([environment name])"
#mna.mnaUrl=https://your.mna.server/rest
#mna.logger.level=INFO
#mna.oauth.batch.account=mna-client-email-address
#mna.oauth.batch.password=mna-client-password
#mongo.properties
#placeholder for mongo settings - note: do not check in real credentials
pm.mongo.hostname=[FQDN or IP address of MongoDB server]
pm.mongo.port=[port that MongoDB listens on, default is 27017]
pm.mongo.user=[mongo user name, mongo_admin if following this checklist]
pm.mongo.password=[password for mongo_admin user account]
pm.mongo.dbname=[Name of database created for ProgMan in MongoDB]
#pbe.properties
pm.pbe.pass=password123
#pm.pbe.pass=secret-salt
#rest-endpoints.properties
#base URLs for REST endpoints, replace with URLs that work for the server this is being run on
pm.rest.service.endpoint=http://[FQDN or IP address of AWS instance hosting ProgMan REST component, default port is 8080]/rest
pm.minJs=false
pm.rest.context.root=/rest/
###########################
# pm-security.properties
###########################
#security props
pm.security.saml.keystore.user=[alias of private key stored in samlKeystore.jks]
pm.security.saml.keystore.pass=[password for samlKeystore.jks]
pm.security.dir=file:///[path to samlKeystore.jks, use /var/lib/tomcat7/resources/security if following this checklist]
pm.rest.saml.metadata.filename=[name of SAML metadata file for REST component]
pm.webapp.saml.metadata.filename=[name of SAML metadata file for web application component]
component.name=ProgramManagement
pm.oauth.checktoken.endpoint=https://[load balancer for OpenAM]/auth/oauth2/tokeninfo?realm=/sbac
pm.security.idp=https://[load balancer for OpenAM]/auth/saml2/jsp/exportmetadata.jsp?realm=/sbac
permission.uri=http://[FQDN or IP address of Permissions application. NOTE: the Permissions program has not been installed yet. This can be configured after Permissions has been deployed; ProgMan should still start up]/rest
logfile.path=/var/log/tomcat7/
An example of a configured progman-bootstrap.properties
:
#mna.properties
progman.mna.description="The Program Management Component (Development)"
#mna.mnaUrl=https://your.mna.server/rest
#mna.logger.level=INFO
#mna.oauth.batch.account=mna-client-email-address
#mna.oauth.batch.password=mna-client-password
#mongo.properties
#placeholder for mongo settings - note: do not check in real credentials
pm.mongo.hostname=52.32.123.173
pm.mongo.port=27017
pm.mongo.user=mongo_admin
pm.mongo.password=[redacted]
pm.mongo.dbname=progman
#pbe.properties
pm.pbe.pass=[redacted]
#pm.pbe.pass=secret-salt
#rest-endpoints.properties
#base URLs for REST endpoints, replace with URLs that work for the server this is being run on
pm.rest.service.endpoint=http://52.34.140.123:8080/rest
pm.minJs=false
pm.rest.context.root=/rest/
###########################
# pm-security.properties
###########################
#security props
pm.security.saml.keystore.user=progman-saml-sp
pm.security.saml.keystore.pass=[redacted]
pm.security.dir=file:////var/lib/tomcat7/resources/security
pm.rest.saml.metadata.filename=rest_metadata.xml
pm.webapp.saml.metadata.filename=web_metadata.xml
component.name=ProgramManagement
pm.oauth.checktoken.endpoint=https://sso-dev.sbtds.org/auth/oauth2/tokeninfo?realm=/sbac
pm.security.idp=https://sso-dev.sbtds.org/auth/saml2/jsp/exportmetadata.jsp?realm=/sbac
permission.uri=http://52.32.19.35:8080/rest
logfile.path=/var/log/tomcat7/
IMPORTANT: Conduct the SAML Setup and Configuration for the REST component and Web Application Component. After completing the SAML Setup and Configuration steps, there should be two metadata files:
- A SAML XML metadata file for the REST component, located where-ever the file name/path is configured for
pm.security.dir
andpm.rest.saml.metadata.filename
(e.g. /var/lib/tomcat7/resources/security/rest_metadata.xml) - A SAML XML metadata file for the web application component located where-ever the file name/path is configured for
pm.security.dir
andpm.webapp.saml.metadata.filename
(e.g. /var/lib/tomcat7/resources/security/web_metadata.xml)
SAML (Security Assertion Markup Language) Setup and Configuration
Configure Automatic Metadata Generation
Create SAML Metadata File For the Component
- Use the following command to generate a SAML metadata file for use with the automatic generation process:
sudo wget https://
[FQDN or IP address of OpenAM server]/auth/saml2/jsp/exportmetadata.jsp?realm=/sbac -O /var/lib/tomcat7/resources/security/
[Name of the saml.metadata.filename as configured in ProgMan]- Example:
sudo wget https://
sso-dev.sbtds.org/auth/saml2/jsp/exportmetadata.jsp?realm=/sbac -O /var/lib/tomcat7/resources/security/saml_metadata.xml
- NOTE: When configuring ProgMan (and only ProgMan), the file name will be in the
/var/lib/tomcat7/resources/progman/progman-bootstrap.properties
file.
- Example:
- Change ownership of the SAML metadata file(s) to
tomcat7
:sudo chown tomcat7:tomcat7 /var/lib/tomcat7/resources/security/*.xml
Update the securityContext.xml File for Automatic Metadata Generation
- Open
securityContext.xml
file in an editor for the deployed component- NOTE: The
securityContext.xml
file can be found in [Tomcat web application directory]/
[component]/WEB-INF/classes/security
- Example: /var/lib/tomcat7/webapps/ROOT
/WEB-INF/classes/security/securityContext.xml
- Example: /var/lib/tomcat7/webapps/ROOT
- NOTE: When editing the
securityContext.xml
file, elevated privileges (i.e.sudo
) may by required
- NOTE: The
- Add the following line within a
<security:http>
element:<security:custom-filter before="FIRST" ref="metadataGeneratorFilter" />
- NOTE: Typically a
<security:http>
element can be found around line 31 of thesecurityContext.xml
file - Example:
<security:http entry-point-ref="delegatingAuthenticationEntryPoint" use-expressions="true">
<security:custom-filter before="FIRST" ref="metadataGeneratorFilter" />
<security:custom-filter ref="oauth2ProviderFilter" before="PRE_AUTH_FILTER" />
<security:custom-filter after="BASIC_AUTH_FILTER" ref="samlFilter"/>
<security:intercept-url pattern="/**" access="isFullyAuthenticated()"/>
</security:http>
- Add configuration for the SAML metadata generator to
securityContext.xml
:- Add the following
<bean>
definitions tosecurityContext.xml
, immediately after the closing</security:http>
tag:
- Add the following
<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
<constructor-arg ref="metadataGenerator"/>
</bean>
<bean id="metadataGenerator" class="org.springframework.security.saml.metadata.MetadataGenerator">
<property name="bindingsSSO">
<list>
<value>redirect</value>
<value>artifact</value>
</list>
</property>
<property name="entityId" value="[name of component]"/>
</bean>
NOTE: The component name should not have spaces.
- Example of a
metadataGenerator
configured with anentityId
of progman_rest:
<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
<constructor-arg ref="metadataGenerator"/>
</bean>
<bean id="metadataGenerator" class="org.springframework.security.saml.metadata.MetadataGenerator">
<property name="bindingsSSO">
<list>
<value>redirect</value>
<value>artifact</value>
</list>
</property>
<property name="entityId" value="progman_rest"/>
</bean>
- Restart Tomcat:
sudo service tomcat7 restart
Verify SAML Metadata Setup
- Visit the
/saml/metadata
endpoint for the deployed component:- Example:
http://
54.213.81.243:8080/rest/saml/metadata
- Example:
- The output should appear as XML containing:
- The X509 Certificate data
- URLs containing the domain name of the server hosting the component as the value of a
Location
attribute- Examples:
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://
54.213.81.243:8080/rest/saml/SingleLogout"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://
54.213.81.243:8080/rest/saml/SSO" index="0" isDefault="true"/>
- Examples:
SAML Pre-Configured Metadata Configuration
- Use
wget
to save the output of/saml/metadata
endpoint to/var/lib/tomcat7/resources/security/
[Name of the saml.metadata.filename as configured in ProgMan]- Example: save the
sudo wget http://54.213.81.243:8080/saml/metadata -O /var/lib/tomcat7/resources/security/
saml_metadata.xml
- Example: save the
- Disable (by removing or commenting out) the
<security:custom-filter before="FIRST" ref="metadataGeneratorFilter" />
from thesecurityContext.xml
file to disable the autoamtic generation of SAML metadata- The automatic generation of SAML metadata is only needed once to generate the metadata file. After the metadata file is generated, there is no further need for automatically generating SAML metadata.
- OPTIONAL: Remove the
metadataGeneratorFilter
andmetadataGenerator
bean definitions from thesecurityContext.xml
- Set permissions on the metadata XML file(s) so that only the
tomcat7
user can read it/them:sudo chmod 0400 /var/lib/tomcat/resources/security/*.xml
Verify SAML Metadata Setup
- Visit the
/saml/metadata
endpoint for the deployed component:- Example:
http://
54.213.81.243:8080/rest/saml/metadata
- Example:
- The output should appear as XML containing:
- The X509 Certificate data
- URLs containing the domain name of the server hosting the component as the value of a
Location
attribute- Examples:
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://
54.213.81.243:8080/rest/saml/SingleLogout"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://
54.213.81.243:8080/rest/saml/SSO" index="0" isDefault="true"/>
- Examples:
Additional Notes
Update ProgMan Bootstrap Properties
- Update the following lines of the
progman-bootstrap.properties
to use the correct SAML metadata files:pm.rest.saml.metadata.filename=
[name of the SAML metadata file for the REST component]pm.webappt.saml.metadata.filename=
[name of the SAML metadata file for the web application component]
SAML Service Provider Registration
- Launch OpenAM
- Log in with appropriate credentials
- Click on Register Remote Service Provider
- On the Create a SAMLv2 Remote Service Provider page:
- Select the /sbac realm
- Verify the URL option button is checked/selected
- Enter the
/saml/metadata
endpoint for the desired component in the URL field- Example: enter
http://
54.213.81.243:8080/saml/metadata
in the URL field
- Example: enter
- Under the Circle of Trust
- Verify the Add to existing option button is checked/selected
- Verify sbac is the selected value for the Existing Circle of Trust dropdown list
- Click the Configure button (upper righthand corner, across from the Create a SAMLv2 Remote Service Provider header)
Verify the Service Provider is Configured
- Click on the Federation tab
- Observe the following:
- The Circle of Trust table contains a record that represents the component that was added
- The Entity Providers table conains a record with a Name equal to the entityId set in the component’s SAML metadata file
Load Seed Data into ProgMan
IMPORTANT: MongoDB must be installed on whatever computer runs the script to load the ProgMan seed data.
- Unless already done, clone the
TDS_Build
repository from GitHub:git clone https://github.com/SmarterApp/TDS_Build.git
- Navigate to the directory where the seed data script is located:
cd
[Path to where theTDS_Build
repository was cloned]/database/mongodb/progman
- Example:
cd
~/dev/ucla/sbac/sbrepo/TDS_Build/database/mongodb/progman
- Edit the
load-seed-data.sh
script to configure the following:HOST=
[The FQDN or IP address of the MongoDB server hosting the ProgMan database]PORT=
[The port on which MongoDB is listening]USER=
[The user account with “readWrite” privileges in the ProgMan database]PW=
[The password for the user account]DB=
[The name of the database containing ProgMan’s data]
- Example:
HOST=54.201.173.209 # The FQDN or IP address of the MongoDB server hosting the ProgMan database
PORT=27017 # The port on which MongoDB is listening
USER=admin # The user account with "readWrite" privileges in the ProgMan database
PW=[redacted] # The password for the user account
DB=progman # The name of the database containing ProgMan's data
- Execute the
load-seed-data.sh
script:./load-seed-data.sh
Verification
- Log into ProgMan with the Prime User account created during the OpenDJ Verification process
- NOTE: If this is the first time using the Prime User account, you may be prompted to change the password and set up the security questions
- Verify the home page of ProgMan appears
- Click on the Manage Components link in navigation menu on the left rail
- Verify records are displayed