Post-Install
Install JDBC Driver
The JDBC driver that matches the runtime environment must be copied into the directory [TOMCAT_HOME]/lib.
The driver is usually shipped with the database product and can also be downloaded from the manufacturer’s website.
Register JNDI Resource (container-managed database connections)
If the use of container-managed database connections is selected during the installation process (recommended), it is necessary to configure the JNDI resource to allow the database connection to be made available by the servlet container.
The XML fragment <Resource name="secmandb"…> located in [INSTALL_FOLDER]/postinstall/[lic_]postinstall_[deu|eng].txt must be added to the <GlobalNamingResources> element of [TOMCAT_HOME]/conf/server.xml.
<GlobalNamingResources>
...
<Resource
name="secmandb"
auth="Container"
type="javax.sql.DataSource"
maxTotal="100"
maxIdle="30"
maxWaitMillis="10000"
username="foo"
password="bar"
driverClassName="org.postgresql.Driver"
url="jdbc:postgresql://localhost:5432/secman"
defaultAutoCommit="false"/>
...
</GlobalNamingResource>Proxy Support (optional)
To secure services that are not accessed directly but via a proxy, it is necessary to add a proxy configuration to the Java servlet engine in which the WSS is operated. The following parameters must be set in the environment of the engine:
http.proxyHost=[HTTP_PROXY_SERVERNAME]
http.proxyPort=[HTTP_PROXY_SERVERPORT]
http.nonProxyHosts=[LIST_SERVER_WO_HTTP_PROXYACCESS]
https.proxyHost=[HTTPS_PROXY_SERVERNAME]
https.proxyPort=[HTTPS_PROXY_SERVERPORT]
https.nonProxyHosts=[LISTE_SERVER_WO_HTTPS_PROXYACCESS]These parameters can be defined for Tomcat as Java parameters using the Tomcat configuration tool, as follows:
| These settings apply to all web applications of the Tomcat service, and not only to components of the security.manager. If this is not wanted, run the security.manager components in a separate Tomcat installation. |
Restart the Tomcat service after the parameters have been set.