Prerequisites
- A database account with access to the Rice database
- An LDAP Service Account
- Procure the UC Davis-specific
rice-api
andrice-impl
JARs and all transitive dependencies using either of the following methods:- Download
ucd-rice-standalone-server-impl
WAR from Artifactory . This WAR contains all dependencies. - Maven users: Add
ucd-rice-impl
as a dependency in your project.pom.xml<repositories> <repository> <id>ietmavenrepositori</id> <name>IET Maven Repository</name> <url>https://psl-95.ucdavis.edu/repo</url> </repository> </repositories> <properties> <ucd-rice-impl.version>[some UCD Rice Implementation version]</ucd-rice-impl.version> </properties> <dependencies> <dependency> <groupId>edu.ucdavis.kuali.rice</groupId> <artifactId>ucd-rice-impl</artifactId> <version>${ucd-rice-impl.version}</version> </dependency> </dependencies>
- Download
Properties Configuration
We use a simple XML configuration to declare properties as key-value pairs. For example:
<config> <param name="datasource.ojb.platform">Oracle</param> <param name="datasource.platform">org.kuali.rice.core.database.platform.OraclePlatform</param> <param name="datasource.url">jdbc:oracle:thin:@dbhost.ucdavis.edu:1521:SID</param> <param name="datasource.driver.name">oracle.jdbc.driver.OracleDriver</param> <param name="datasource.pool.validationQuery">select 1 from duak</param> <param name="datasource.pool.maxWait">30000</param> <param name="datasource.pool.size">30</param> <param name="datasource.pool.maxActive">50</param> <param name="datasource.minIdle">7</param> <param name="datasource.initialSize">7</param> <param name="datasource.accessToUnderlyingConnectionAllowed">true</param> <param name="datasource.username">my_db_user</param> <param name="datasource.password">my_db_password</param> <config>
Default Rice Configuration
- By default Rice looks for
rice-config.xml
in/usr/local/rice/
at launch time. This allows us substitute different values for different properties in different environments (e.g. TEST vs. PROD). - See a full-blown set of sample properties .
Core Data Source Configuration
Kuali Rice uses Java Open Transaction Manager, so we declare the appropriate beans.
<bean id="jotm" class="org.springframework.transaction.jta.JotmFactoryBean"> <property name="defaultTimeout" value="${transaction.timeout}"/> </bean> <bean id="jtaTransactionManager" class="org.springframework.transaction.jta.JtaTransactionManager"> <property name="transactionManager" ref="jotm"/> <property name="userTransaction" ref="jotm"/> </bean>
We must declare three data sources:
- A transactional data source where the local client application's Rice tables are located. This is required by JOTM.
classpath:edu/ucdavis/myapp/config/application-data.xml
<bean id="dataSource" class="org.kuali.rice.core.database.XAPoolDataSource"> <property name="transactionManager" ref="jotm" /> <property name="driverClassName" value="${datasource.driver.name}" /> <property name="url" value="${datasource.url}" /> <property name="maxSize" value="${datasource.pool.size}" /> <property name="minSize" value="${datasource.initialSize}" /> <property name="maxWait" value="${datasource.pool.maxWait}" /> <property name="validationQuery" value="${datasource.pool.validationQuery}" /> <property name="username" value="${datasource.username}" /> <property name="password" value="${datasource.password}" /> </bean>
- A non-transactional data source pointing to those same Rice tables. This is required by Quartz.
classpath:edu/ucdavis/myapp/config/application-data.xml
<bean id="nonTransactionalDataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"> <property name="url" value="${datasource.url}"/> <property name="username" value="${datasource.username}"/> <property name="password" value="${datasource.password}"/> <property name="driverClassName" value="${datasource.driver.name}" /> <property name="initialSize" value="${datasource.initialSize}" /> <property name="minIdle" value="${datasource.minIdle}" /> <property name="maxActive" value="${datasource.maxActive}" /> <property name="maxWait" value="${datasource.maxWait}" /> <property name="validationQuery" value="${datasource.validationQuery}" /> <property name="testOnBorrow" value="${datasource.testOnBorrow}" /> <property name="testOnReturn" value="${datasource.testOnReturn}" /> <property name="testWhileIdle" value="${datasource.testWhileIdle}" /> <property name="accessToUnderlyingConnectionAllowed" value="${datasource.accessToUnderlyingConnectionAllowed}" /> </bean>
To take advantage of pooling capabilities,
testOnBorrow
should be set totrue
. - A transactional data source pointing to the database of the Rice Standalone Server.
classpath:edu/ucdavis/myapp/config/application-data.xml
<bean id="standaloneDataSource" class="org.kuali.rice.core.database.XAPoolDataSource"> <property name="transactionManager" ref="jotm" /> <property name="driverClassName" value="${standalone.datasource.driver.name}" /> <property name="url" value="${standalone.datasource.url}" /> <property name="maxSize" value="${standalone.datasource.pool.size}" /> <property name="minSize" value="${standalone.datasource.initialSize}" /> <property name="maxWait" value="${standalone.datasource.pool.maxWait}" /> <property name="validationQuery" value="${standalone.datasource.pool.validationQuery}" /> <property name="username" value="${standalone.datasource.username}" /> <property name="password" value="${standalone.datasource.password}" /> </bean>
KIM Service Configuration
The UCD KIM Identity Service fetches Entity and Principal information from UCD LDAP and, optionally, Display Name from White Pages. It is instantiated by declaring classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kim-wp-service.xml
if using White Pages, or classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kim-service.xml
if not using White Pages, in the Spring context.
Data Source Configuration
KIM Identity Service requires two LDAP data sources:
- A data source pointing to the LDAP server to retrieve entries in the
ou=People
andou=Listings
schemas.classpath:edu/ucdavis/myapp/config/application-data.xml<bean id="ldapContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="${ldap.url}" /> <property name="base" value="${ldap.base}" /> <property name="userDn" value="${ldap.user}" /> <property name="password" value="${ldap.password}" /> <property name="pooled" value="false" /> </bean>
- A data source pointing to the LDAP-DC server to retrieve entries in the
ou=Accounts
schema.classpath:edu/ucdavis/myapp/config/application-data.xml<bean id="ldapItContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="${ldap.it.url}" /> <property name="base" value="${ldap.it.base}" /> <property name="userDn" value="${ldap.it.user}" /> <property name="password" value="${ldap.it.password}" /> <property name="pooled" value="false" /> </bean>
Optionally, KIM Identity Service provides access to the PEOPLE_DISPLAY_NAME
view in the ORG
schema in Mothra. whitePagesDataSource
<bean id="whitePagesDataSource" destroy-method="close" class="org.apache.commons.dbcp.BasicDataSource"> <property name="url" value="${whitepages.datasource.url}"/> <property name="username" value="${whitepages.datasource.username}"/> <property name="password" value="${whitepages.datasource.password}"/> <property name="driverClassName" value="${whitepages.datasource.driver.name}" /> <property name="initialSize" value="${whitepages.datasource.initialSize}" /> <property name="minIdle" value="${whitepages.datasource.minIdle}" /> <property name="maxActive" value="${whitepages.datasource.maxActive}" /> <property name="maxWait" value="${whitepages.datasource.maxWait}" /> <property name="validationQuery" value="${whitepages.datasource.validationQuery}" /> <property name="testOnBorrow" value="${whitepages.datasource.testOnBorrow}" /> <property name="testOnReturn" value="${whitepages.datasource.testOnReturn}" /> <property name="testWhileIdle" value="${whitepages.datasource.testWhileIdle}" /> <property name="accessToUnderlyingConnectionAllowed" value="${whitepages.datasource.accessToUnderlyingConnectionAllowed}" /> </bean>
To take advantage of pooling capabilities, testOnBorrow
should be set to true
.
KEW Service Configuration
The UCD Encryption Service overrides the default demonstration encryption service. It is instantiated by declaring classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kew-service.xml
in the Spring context.
Property Configuration
The encryption service requires an encryption.key
property be set.
<param name="encryption.key">[some generated encryption key]</param>
KNS Service Configuration (DRAFT)
The UCD Workflow Information Service overrides the base service so that Rice can retrieve system users (KR,KFS,etc.) in the database, rather than in LDAP. It is instantiated by declaring
classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kns-service.xml
in the Spring context.
UCD Spring Bean Configuration
Declare the UCD-implemented Rice services using either of the following methods:
- Declare it as part of the
rice.additionalSpringFiles
property and pass that as a token into therice
bean/usr/local/rice/rice-config.xml<param name="rice.additionalSpringFiles">classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kim-service.xml,classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kew-service.xml,classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kns-service.xml</param>
classpath:edu/ucdavis/myapp/config/rice-common.xml<bean id="rice" class="org.kuali.rice.core.config.RiceConfigurer"> ... <property name="additionalSpringFiles"> <value>${rice.additionalSpringFiles}</value> </property> ... </bean>
- Declare it directly in the
rice
bean using theadditionalSpringFiles
property (see Rice Bean Configuration)classpath:edu/ucdavis/myapp/config/rice-common.xml<bean id="rice" class="org.kuali.rice.core.config.RiceConfigurer"> ... <property name="additionalSpringFiles"> <list> ... <value>classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kim-service.xml</value> <value>classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kew-service.xml</value> <value>classpath:edu/ucdavis/kuali/rice/kim/config/ucd-kns-service.xml</value> ... </list> </property> ... </bean>
- If you're using Spring's
ContextLoaderListener
, declare it inweb.xml
src/main/webapp/WEB-INF/web.xml<listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <context-param> <param-name>contextConfigLocation</param-name> <param-value> ... classpath:edu/ucdavis/iet/kuali/rice/kim/config/ucd-kim-service.xml classpath:edu/ucdavis/iet/kuali/rice/kim/config/ucd-kew-service.xml classpath:edu/ucdavis/iet/kuali/rice/kim/config/ucd-kns-service.xml ... </param-value> </context-param>
Rice Bean Configuration
Finally, we declare the rice
bean and inject all of the core data source beans into it along with any required additional Spring files.
<bean id="rice" class="org.kuali.rice.core.config.RiceConfigurer"> <property name="dataSource" ref="dataSource" /> <property name="nonTransactionalDataSource" ref="nonTransactionalDataSource"/> <property name="serverDataSource" ref="standaloneDataSource"/> <property name="transactionManager" ref="jotm" /> <property name="userTransaction" ref="jotm" /> <property name="serviceNamespace" value="${service.namespace}" /> <property name="environment" value="${environment}" /> <property name="rootConfig" ref="config" /> <property name="ksbConfigurer"> <bean class="org.kuali.rice.ksb.messaging.config.KSBConfigurer"> <property name="serviceServletUrl" value="${serviceServletUrl}" /> </bean> </property> <property name="kewConfigurer"> <bean class="org.kuali.rice.kew.config.KEWConfigurer"> <property name="clientProtocol" value="local" /> </bean> </property> <property name="knsConfigurer"> <bean class="org.kuali.rice.kns.config.KNSConfigurer"/> </property> <property name="kimConfigurer"> <bean class="org.kuali.rice.kim.config.KIMConfigurer"/> </property> <property name="kcbConfigurer"> <bean class="org.kuali.rice.kcb.config.KCBConfigurer"/> </property> <property name="additionalSpringFiles"> <value>${rice.additionalSpringFiles}</value> </property> </bean>