...
- Java 1.7.0_75
- GNU/Linux x86_64
- MySQL 5.6.25
- Apache Tomcat 7.0.62
- Liferay 6.2.0 CE GA1
1. Setup application server
- You should be using the latest version of Java 1.7 (version 1.8 is still not supported). You should also use Tomcat version 7 (version 8 is still not supported). S Issue with Java 1.7.0-25, we should recommend to use the latest JDK1.7.
- Don't forget to give execution permission to the files in the bin folder.
- Add the JDBC connector (JAR file) of your database to your Tomcat's lib folder.
- Just add the definition of the JNDI data sources and change the connection string depending on the DBMS you're using (for MySQL there's no need to change). We'll configure each one of them as we progress through the installation.
2. OpenNCP artifacts
- Joao Cunha - Change TSL-Sync bullet to JAR: "TSL-Sync (JAR)"
...
S If the NCP uses an infrastructure with proxy, we need to add info related to the new proxy configuration setup included into the epsos-utility Jar.
3. Adjust configuration parameters
- Joao Cunha - epsos-configuration.zip is missing 2 folders and 1 file (see attachments at the end of this page):
...
- The sharing of International Search Masks (forms folder) is a manual process. Currently they're being shared by email between OpenNCP adopters. The central services could be used for that, using their public folder at: https://ecrtsppt.conet-services.de:8445/common_files/
3.1 Configuration Manager Database
1. Database setup
- In MySQL, the database name does not support dots ('.'), so the database should be named "epsos_properties".
2. Hibernate file setup
- Joao Cunha - The hibernate file already exists in EPSOS_PROPS_PATH and should already have the configuration shown. In case you're using MySQL, to avoid a "portalb is temporarily unavailable" error message in the Portal due to MySQL's wait_timeout being exceeded (that is, no requests made during that time), you should use the following setup:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
<session-factory>
<property name="hibernate.dialect">org.hibernate.dialect.MySQLDialect</property>
<property name="hibernate.connection.driver_class">com.mysql.jdbc.Driver</property>
<property name="hibernate.connection.url">jdbc:mysql://databasehost:3306/epsos_properties?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false</property>
<property name="hibernate.connection.username">username</property>
<property name="hibernate.connection.password">password</property>
<!-- Echo all executed SQL to stdout -->
<property name="show_sql">yes</property>
<property name="hibernate.hbm2ddl.auto">update</property>
<property name="hibernate.connection.provider_class">org.hibernate.connection.C3P0ConnectionProvider</property>
<property name="hibernate.c3p0.min_size">1</property>
<property name="hibernate.c3p0.max_size">50</property>
<property name="hibernate.c3p0.timeout">7200</property>
<property name="hibernate.c3p0.max_statements">50</property>
<property name="hibernate.c3p0.validate">true</property>
<property name="hibernate.c3p0.idle_test_period">30</property>
<property name="hibernate.c3p0.preferredTestQuery">SELECT 1 FROM DUAL</property>
<mapping class="eu.epsos.configmanager.database.model.Property"/>
</session-factory>
</hibernate-configuration>
|
3.2 NCP First-Time Configuration Utility
- Joao Cunha - Add to the properties file the following properties (and fill them):
...
| Service | Mode | URL | Port |
|---|---|---|---|
| SFTP | PPT | sftp://ecrtsppt.conet-services.de/swe/ | 22 |
| SFTP | PROD | sftp://ecrts.conet-services.de/swe/ | 22 |
| TSAM | PPT | https://ecrtsppt.conet-services.de/webservice/commonTerminologyService2.0 | 443 |
| TSAM | PROD | https://ecrts.conet-services.de/webservice/commonTerminologyService2.0 | 443 |
| TSL | PPT | https://ecrtsppt.conet-services.de | 8445 |
| TSL | PROD | https://ecrts.conet-services.de | 8445 |
3.3 Create Certificates
- Create the following directory structure:
...
A summary about the role of the keystore and the trustore could also be added to this chapter, because I remembered that I was wondering for a long time what are the role of each keystore and trustore and also which component required which key etc. and also the link with the properties stored into the EPSOSProperties database (CfgManager).
4.1 TRC-STS
- Before the deploy, configure the jdbc/ConfMgr data source in your Tomcat conf/context.xml to connect to your epsos properties database.
4.2 TSL (Trusted Service List)
OpenNCP instances need to share their configurations (endpoints, certificates, etc) with each other. The current way to do this is by placing those configurations in the central services, providing a specific kind of file: the TSL file. Each country needs to create a TSL file with its configuration and upload it to the central services. This can be done with the help of the TSL-Editor. Each country can download these files from the central services and update their local installation by running the TSL-Sync.
4.2.1 TSL Files
The complete specification of the TSL files and its usage in the eHealth domain (the specific fields and values to be used) can be found in epSOS Deliverable 3.4.2 - section 4.4 "epSOS Trusted Service List" or in Fraunhofer's Wiki page on epSOS Trust Service List - ETSI TS 102 231 Binding.
4.2.2 TSL-Editor
Stéphane Spahni Put a link to the tutorial videos & manual. I think there were uploaded somewhere in the wiki? Joao Cunha: well remembered, they are attached in the installation manual page, I'm going to add some text about it (Alen Vrecko (Unlicensed) check this).
...
It is possible to override TSLEditor properties by having a "tsleditor.properties" file in the same folder as the JAR file (e.g. to extend the list of supported locales / countries for the Scheme Territory field).
4.2.3 TSL-Sync
S Providing info about how to execute the script and how it works (getting the countries codes into the DB).
...
| Code Block |
|---|
/tsl-sync-custom-location |-- tsl.sync.jar |
4.3 TSAM-Sync
- You'll need to add the Conet certificate to your JVM's truststore (cacerts). See this link: http://stackoverflow.com/questions/6908948/java-sun-security-provider-certpath-suncertpathbuilderexception-unable-to-find
- Edit log4j reference in sync.sh to -Dlog4j.configuration=file:///$TSAM_DIR/conf/log4j.xml ($TSAM_DIR should be a script variable that references tsam-sync folder)
- Change the following property in the tsam-sync/conf/settings.properties
...
- This sync.sh script has to be run manually.
4.4 Transformation Syncronization Access Manager (TSAM)
- OK
4.5 Transformation Manager (TM)
- This component is used for data transformation from a national language to the epSOS Reference Terminology or for data transformation from the epSOS Reference Terminology to a national language.
...
| Info |
|---|
# actual path to ePrescriptionFriendly Schematron file |
4.6 Automatic Data Collector (eADC)
- Automatic data collection is a feature requested to the NCP to provide information to evaluate the epSOS interoperability system performance and to collect statistics on the population using epSOS services.
4.7 Audit Repository (OpenATNA)
Joao Cunha - I think that this section needs to be better organized
...
- Follow step 1 to set up the database: https://openncp.atlassian.net/wiki/display/OP/OpenATNA+Home . Joao Cunha - confirm the last command (see comments in wiki)
- In $EPSOS_PROPS_PATH/ATNA_resources/openatna.properties, you will need to change password of the DB and edit ihe.actors.dir to point to the ATNA_resources folder.
- If you want to use the logviewer war, you have to add the openatna.properties files to atna.war/WEB-INF/classes
- If you want to use the logviewer war with MySQL, you have to add the jdbc-connector.jar to atna.war/WEB-INF/lib
- You also may need to extend the MaxPermSize of your Tomcat instance (adding -XX:MaxPermSize=256m to your CATALINA_OPTS)
- You should add this line to the TOMCAT setenv.sh script: JAVA_OPTS="-DopenATNA.properties.path=file:$EPSOS_PROPS_PATH/ATNA_resources/openatna.properties $JAVA_OPTS"
- OpenATNA uses property with name scheduled.time.between.failed.logs.handling.minutes in ConfigurationManager database to define the interval in which OpenATNA checks if some audit log was not persisted. In case these logs are found, they will be attempted to re-persist. The default value is 60 (minutes).
- Configure epsos properties to write test audits (see step 5: https://openncp.atlassian.net/wiki/display/OP/OpenATNA+Home)
4.8 Server Side (NCP-A)
- OK
S Providing info about how to modify the port of the server if the NCP doesn't use the default one for axis2.xml file, the proxy etc. Perhaps adding info related to the national implementation in order to connect natinal healthcare system, a kind of how to add national impl or how to work in a mock mode etc.
4.9 Client Side (NCP-B)
- OK
S Providing info about how to modify the port of the server if the NCP doesn't use the default one for axis2.xml file, the proxy etc.
4.10 OpenNCP Portal or epSOS-Web
4.10.1 OpenNCP Portal
Installing OpenNCP Portal
- Be aware that you cannot use the same database for different versions of Liferay (you'll get a corrupted database if you try and there's no way to restore it unless you have a backup).
- Note that the database name in the scripts ('lportal') differs from the one shown in the properties file ('lp62'), but they refer to the same database. Choose the one you like the most.
- Change Liferay's Tomcat ports to others different than the ones you're using in your OpenNCP Tomcat (the chosen ports should be available too):
...
- Start Liferay's Tomcat in order to create the deploy folder (zip file doesn't have it due to being an empty folder) and follow the setup wizard to create the default users and other data in the database
- Add some content to epsosportal/WEB-INF/classes/portlet.properties: http://liferay-hacks.blogspot.pt/2014/02/the-curse-of-empty-portletproperties.html
Configuring portal
- Joao Cunha - Add this to the script: INSERT INTO PROPERTY VALUES ('PORTAL_CONSENT_ENABLED','true');
4.10.3 CDA Display Tool (TSAM-Exporter)
In order to correctly translate the CDA, you must run the TSAM-Exporter (make sure you have fetched your country terminologies into your LTR database): TSAM Exporter
- Joao Cunha - Settings.properties file should be updated to have the new properties.
This application is a standalone JAR file that can be placed in a custom location:
Code Block /tsam-exporter |-- epsos-tsamexporter.jar |-- logging.properties |-- run.sh +-- settings.properties
5. Database Logging
- OK
6. Final Considerations
| Code Block |
|---|
/opt
|-- /apache-tomcat-7.X.XX
| |-- /bin
| +-- /conf
| |-- context.xml
| |-- /logs
| |-- /temp
| |-- /work
| +-- /webapps
| |-- /epsos-client-connector
| |-- /epsos-ws-server
| |-- /TRC-STS
| +-- /atna
|-- /tsam-sync
| |-- /conf
| | |-- epsos.properties
| | |-- hibernate.cfg.xml
| | |-- log4j.xml
| | |-- logging.properties
| | +-- settings.properties
| |-- /lib
| | +-- jdbc-connector.jar
| |-- tsam-sync.jar
| +-- sync.sh
|-- /tsl-sync
| |-- epsos-tsl-sync.jar
|-- /tsam-exporter
| |-- epsos-tsamexporter.jar
| |-- logging.properties
| |-- run.sh
| +-- settings.properties
+-- /epsos-configuration
|-- /ATNA_resources
|-- /cert
|-- /EADC_resources
|-- /EpsosRepository
|-- /forms
|-- /TM_resources
|-- configmanager.hibernate.xml
|-- hcer.properties
|-- pn-oid.xml
|-- ISO_3166-1.xml
|-- tm.properties
+-- tsam.properties |
...