Installing the web front end
Windows
The procedure for setting up the Product 360 - Media Manager web front end on Windows is as follows:
On your Product 360 - Media Manager installation directory, switch to the directory \setup\webapp package\full.
Unpack the file OpasGWebServer.zip to C:\.
In the file C:\OpasGWebServer\Tomcat\webapps\opas\Base.cfg, enter the database connection parameters.
<DATABASE_URL> jdbc: sqlserver://localhost:1433;databaseName=opasdb </DATABASE_URL >
<DATABASE_DIALECT> org.hibernate.dialect.SQLServer2012Dialect </DATABASE_DIALECT>
<DATABASE_USER> Username </DATABASE_USER>
<DATABASE_PASSWORD> Password </DATABASE_PASSWORD>Launch Tomcat using the script C:\OpasGWebServer\startup.bat.
You can also run Tomcat as a Windows service; refer to Run Product 360 - Media Manager server modules as a Windows service .
MSSQL with encrypted connection
It is possible to use an encrypted connection to the Media Manager database (MSSQL only). Append ';encrypt=true' to your url.
The url would look like
jdbc:sqlserver://localhost:1433;databaseName=opasdb;encrypt=trueTo use this feature the MSSQL DBMS has to have a setup encryption mechanism.
MSSQL with integrated security
It is possible to use the integrated security feature between Windows and MSSQL. To use integrated security just enter no DATABASE_USER and DATABASE_PASSWORD values. In that case the Windows user which runs the Tomcat service is used to logon to the database. Please be sure your database allows access to this Windows user.
If only the Media Manager web front end is running in the Tomcat you use the default installation and leave the database credentials empty.
MSSQL Integrated security running Media Manager web front end and Media Manager Rest services in one Tomcat
Beside the Media Manager web front end sometime the Media Manager Rest services (used for Supplier Portal) running in the same Tomcat. In that case some additional steps are necessary to enable the integrated security for both web applications.
Preconditions
Installed and setup OpasGWebServer: Your web front end is running and is usable with database credentials
Installed and setup Media Manager Rest services inside the OpasGWebServer: The Rest services are usable with database credentials.
Steps to enable integrated security for both web applications
Create a new folder 'sharedLib' at
OpasGWebServer\Tomcat
Move 'jtds-1.3.1.jar' from
OpasGWebServer\Tomcat\webapps\opas\WEB-INF\lib
to
OpasGWebServer\Tomcat\sharedLibOpen OpasGWebServer\Tomcat\conf\catalina.properties in a text editor and change line
shared.loader=
to
shared.loader=${catalina.base}/sharedLib/*.jarDelete 'jtds-1.3.1.jar' from
OpasGWebServer\Tomcat\webapps\rest\WEB-INF\lib
Now you can replace the database credentials in the configuration files with empty values
OpasGWebServer\Tomcat\webapps\opas\Base.cfg
OpasGWebServer\Tomcat\webapps\rest\WEB-INF\classes\META-INF\spring\hmm-database.properties
Why is that necessary?
Integrated security is realized by a dll. A dll can be loaded only by one classloader. Our 2 web applications running in 2 different classloaders. This cause problems if 2 applications try to load the same dll.
By using the shared library mechanism of Tomcat it is possible to use the same dll in multiple web applications.
Linux
This page describes how to install the webapplication of Media Manager on Linux (Redhat 7).
Installation
On your Product 360 - Media Manager installation directory, switch to the directory \setup\webapp package\full.
Copy package OpasGWebServerLinux.zip to /opt
Unzip this package to /opt
12
$ cd /opt$ unzip OpasGWebServerLinux.zip
Set attributes to make scripts executable
123
$ chmod 777 /opt/OpasGWebServer/*.sh$ chmod 777 /opt/OpasGWebServer/Tomcat/bin/*$ chmod 777 /opt/OpasGWebServer/java/bin/*
Change owner of installed package to service user
1
$ chown -R serviceuser /opt/OpasGWebServer
Configure database connection in /opt/OpasGWebServer/Tomcat/webapps/opas/base.cfg .
<DATABASE_URL>jdbc:oracle:thin:@dbervername:1521:oracle_instance</DATABASE_URL>
<DATABASE_DIALECT>org.hibernate.dialect.Oracle10gDialect</DATABASE_DIALECT>
<DATABASE_USER>OPASUSER</DATABASE_USER>
<DATABASE_PASSWORD>Password</DATABASE_PASSWORD>start server
12
$ su - serviceuser$ /opt/OpasGWebServer/Tomcat/bin/tomcat start
Install / Remove service
The web application has a preconfigured service wrapper inside. To install this application as a service do the following steps.
|
1234 |
$ su - serviceuser$ /opt/OpasGWebServer/Tomcat/bin/tomcat installor to remove$ /opt/OpasGWebServer/Tomcat/bin/tomcat remove |
console output
|
12345678910 |
[]# /opt/OpasGWebServer/Tomcat/bin/tomcat installDetected RHEL or Fedora:Installing the Informatica Media Manager Web Application daemon.. |
Configuration: mount volumes
You have to mount and link every used share of every file server. If you defined more volumes in one share, then you need only one mount for all these volumes.
Have a look in your Media Manager Administration 'system volumes': how you configured the unc path.
Example for the UNC Path in Administration: /FileserverOrIP/OpasVolumes/Buffer
|
12345 |
$ mkdir /mnt/FileserverOrIP$ mkdir /mnt/FileserverOrIP/OpasVolumes$ mount -t cifs -o username=remoteserviceuser //FileserverOrIP/OpasVolumes /mnt/FileserverOrIP/OpasVolumes$ ln -s /mnt/FileserverOrIP /FileserverOrIP |
If you want to mount the volumes permanently, you can add them to /etc/fstab
Open /etc/fstab with your favorite editor
Add the following line to the end of the file
1
//FileserverOrIP/OpasVolumes /mnt/FileserverOrIP/OpasVolumes cifs user=remoteserviceuser,uid=localserviceuser,gid=localservicegroup 0 0
If the password is required to mount the Volume, this solution is not working. You can change the line to:
|
1 |
//FileserverOrIP/OpasVolumes /mnt/FileserverOrIP/OpasVolumes cifs user=remoteserviceuser,password=pass,uid=localserviceuser,gid=localservicegroup 0 0 |
or to
|
1 |
//FileserverOrIP/OpasVolumes /mnt/FileserverOrIP/OpasVolumes cifs user=remoteserviceuser,uid=localserviceuser,gid=localservicegroup,noauto 0 0 |
With the first solution the Volume will be mounted on every startup.
With the second solution the volume won't be mounted on startup. It can be mounted with:
|
1 |
$ mount /mnt/FileserverOrIP/OpasVolumes |
Modify fstab without reboot.
To reload the contents of fstab without reboot use the following command.
|
1 |
mount -a |
Configuration: base.cfg
Optional: Install ImageMagick
If you want to generate templates for the Media Manager web UI it is necessary to install ImageMagick.
Use yum to install ImageMagick
1
$ yum install ImageMagick
Edit colorme-Skript
1234
$ cd /opt/OpasGWebServer/Tomcat/webapps/opas/custom/profiles/layout/template/$ rm colorme.sh$ cp colorme.sh_disabled colorme.sh$ chmod 777 colorme.sh
Create symbolic links to ImageMagick-commands
1234
$ cd /opt/OpasGWebServer/Tomcat/webapps/opas/custom/profiles/layout/template/imagemagick/$ ln -s /usr/bin/composite composite$ ln -s /usr/bin/convert convert$ ln -s /usr/bin/montage montage
Optional: Configure XOB
If you want to use the projects engine it is necessary to mount the xob-workspace.
|
12345 |
$ mkdir /mnt/FileserverOrIP$ mkdir /mnt/FileserverOrIP/xobWorkdir$ mount -t cifs -o username=serviceuser //FileserverOrIP/xobWorkdir/mnt/FileserverOrIP/xobWorkdir$ mkdir /FileserverOrIP$ ln -s /mnt/FileserverOrIP /FileserverOrIP |
Encrypted passwords in configuration files
Product 360 Media Manager Web supports the encryption of secure information like passwords in the configuration files Base.cfg and HPMConfig.xml. The encryption will be executed only if your secure information in the configuration files is enclosed by the marker [_to_encrypt_].
So, if you want to have e.g. the password "Password" encrypted in a configuration file just use the marker before and after the password like this: [_to_encrypt_]Password[_to_encrypt_]. Please note first encryption gets done with the first configuration file access. This means the Base.cfg gets encrypted by the first load of the login page. The HPMConfig.xml after the first login.
For example in Base.cfg:
<DATABASE_URL>jdbc:oracle:thin:@dbervername:1521:oracle_instance</DATABASE_URL><DATABASE_DIALECT>org.hibernate.dialect.Oracle10gDialect</DATABASE_DIALECT><DATABASE_USER>OPASUSER</DATABASE_USER><DATABASE_PASSWORD>[_to_encrypt_]Password[_to_encrypt_]</DATABASE_PASSWORD>Usage of AES-256 cryptographic algorithm to encrypt/decrypt secure information
Product 360 Media Manager Web provides a default implementation for the encryption of secure information with an internal and securely stored Key using AES-256.
For sophisticated deployments we recommend to integrate with Encryption Key Management solutions like Amazon AWS or Azure KeyVault and use the API we offer to send and receive data for encryption to these key stores securely.