The GRIA Client Management package is run by a client organisation for their own internal use. It provides a membership service, a private account service, and a registry service.

The membership service is used to manage groups of users. Managers can create new groups and control which users are members of which group. Members of a group can use the service to get a SAML token proving that they are members. This token can be used at other services, including services running in different domains.

The private account service and the registry service currently provide similar functionality. Both allow registries to be created and resources (such as trade accounts, SLAs, and data stagers) to be added to them. The private account service contains additional functions specific to managing trade accounts and SLAs, while the registry service is able to use an eXist database as a back-end.

The following sections describe how to install and configure the service.

Introduction

The GRIA Client Management software itself is contained within a single WAR (or "web archive") file gria-client-mgt.war, located within the /war directory of this package. Once the pre-requisites have been set-up and the war file has been deployed to Tomcat, the web-based administration interface guides the user through the rest of the installation process.

If you wish to use the registry service, you must also install the XML database service, eXist.

Upgrading

If you have 5.x version of this package already installed, you can upgrade it to the lastest version without having to perform a completely new installation. This can be done via the Tomcat Web Application Manager using the following procedure:

1. Start up Tomcat and select "Tomcat Manager" from the Administration menu.
2. Locate the package from the Applications sections.
3. Select undeploy from the Commands column.
4. On WinXP only you should start and stop tomcat
5. Scroll down to the WAR file to deploy subsection, within the Deploy section. Beside the "Select WAR file to upload" box, click the browse icon and select the WAR file from the unpacked distribution.
6. Click the Deploy button. An OK message at the top of the page indicates that the WAR has been successfully deployed to Tomcat.

Having successfully deployed the war file, you can invoke it by just clicking on /gria-client-mgt from the Applications section. You will then be asked to select a configuration directory. To upgrade ensure that you select the configuration directory used in the previous installation.

Prerequisites

The minimum recommended machine specification required to run this software package as well as software prerequisites can be found here.

Additionally, GRIA Client Management package requires the following software prerequisites

• eXist Database

Platform specific details on installing these software packages are provided below.

Preparing Your System

The documentation that explains how to install and configure the pre-requisites on different operating systems and how to configure their firewall settings, can be found here.

Deploying the Service to Tomcat

Deployment of the gria-client-mgt.war file is based on the standard procedure which should already be familiar to Tomcat users. If, however, this is not the case then this section can be used as a guide on how to deploy and invoke the the web application. The home directory of Tomcat is denoted by <TOMCAT_HOME>

The next steps require the use of a web browser to complete the war file deployment.

1. Using a web browser, load the main Tomcat server page (e.g. http://<servername>:8080) and select the "Tomcat Manager" link.

   N.B. "<servername>" should be replaced with the IP address or fully qualified hostname of the computer running the Tomcat server.

   You will be prompted for a username and password to be entered before displaying the manager page. Use "admin" as the username and enter the password that selected either by using the Tomcat installer (WinXP) or by editing the <TOMCAT_HOME>/conf/tomcat-users.xml (Linux) .

2. The page which loads once login has been successful presents the following sections:
   • Manager - lists the command controls and help functions
   • Applications - lists the applications currently deployed within Tomcat
   • Deploy - options for deploying applications to Tomcat
   • Server Information - lists specific information on Tomcat and the base platform it was installed to

   Scroll down to the WAR file to deploy subsection, within the Deploy section. Beside the "Select WAR file to upload" box, click the browse icon and select the gria-client-mgt.war file, before clicking the "Deploy" button:

3. An "OK" message at the top of the page indicates that the war has been successfully deployed to Tomcat.

The GRIA Client Management package should now also be listed within the Applications section. Note here in the last column is where individual applications may be started, stopped, reloaded or if desired undeployed completely from within Tomcat.

This completes the first part of the installation and deployment of the GRIA Client Management package.

Deploying eXist to Tomcat

Download eXist (goto download page). In order to install the war-file, you have to rename it into exist.war and deploy it under Tomcat.

It is recommended to change the admin login details of the eXist database using the eXist Database Administration homepage of eXist. Login as "admin" as described on the Administration homepage. After login, select "Manage Users" on the left-hand side menu. Select the "admin" checkbox and press "Edit". Define a new password, recognize it and press "Change". Afterwards logout using the left-hand side menu.

Configuring the Service

Having successfully deployed the war file, its web administration interface can now be accessed by clicking on the /gria-client-mgt link in the Applications section.

Alternatively you can invoke the web application via: http://<servername>:8080/gria-client-mgt.

N.B. "<servername>" should be replaced with the IP address or fully qualified hostname of the computer running the Tomcat server.

On starting the web application you will be presented with instructions on setting up an administrator login for the service. Once you have done this, the web application will guide you through the rest of the installation process.

If you get a 401 Not Authorized error without being prompted to log in, then this probably means that the Java compiler isn't working (check for errors in the catalina.out log file). The usual cause of this is trying to run tomcat immediately after installing Java. You must log out and log in again to ensure the JAVA_HOME environment variable is set to the correct location.

Uninstalling the Service

Note the instructions given below are for removing this software package only. Should you wish to also remove its pre-requisites, then you must follow the instructions provided with them.

1. Stop Tomcat (and, if you are using it, Apache)
2. Next remove the directory <TOMCAT_HOME>/webapps/gria-client-mgt and the file <TOMCAT_HOME>/webapps/gria-client-mgt.war which will have been copied when the web application was deployed.
3. Delete the configuration directory, e.g./etc/gria/client-mgt
4. Edit <TOMCAT_HOME>/conf/tomcat-users.xml file and remove the gria_client_mgt_admin role and user.

The Service Administration Page

The GRIA main administation page gives access to the administration pages of the individual services within the same .war file as well as providing configuration, status reporting and logging control for all services.

Initial Configuration

When first accessed, the services will be greyed out and the system will lead you to provide the required general configuration information, which is:

• The location of a configuration directory in which to store the service configuration. This is not stored inside the webapp so that it will not be lost when upgrading.
• A keystore containing the service's private key. This allows clients to check that they are really using the service they think they are.
• A location for the database files. GRIA uses hibernate, which allows it to be configured to use a range of database backends. However, the default is to store everything locally in a few files, which saves the need to configure a separate database server.
• The endpoint address for the service. The default offered should be used in most cases. When users create a new resource, this is the address that the service will tell them to use to access it. If your service is fronted by Apache on another machine, for example, you should give the address of the machine running Apache here.

The Navigation Menu

The navigation menu along the top of the window provides access to various useful pages:

Main

Return to the public page.

Admin

The main administration page.

Check Axis

Check that requires libraries are available for the underlying Axis system.

View logs

View the service log file and edit the logging configuration.

Access control

View the resources and resource types managed by the access control system.

List of services

View the list of services and their operations and WSDL interfaces.

Atom feed

Subscribe to this feed to get notifications of issues or problems with the services.

Send support request

If you have problems or suggestions, please send us a support request.

Service Status Feeds

Each service reports its current status and other important information. Each item is displayed on the main page under the service reporting it. You can also get this information from the Atom feed. This is useful if you have many services to administer, since you can get your news aggregator to subscribe to each one and check them for you.

After the general configuration is done, each service will report that it requires configuration too. Click on any item for more information.