Tutorial

1520 views
Skip to first unread message

Brian Dunbar

unread,
Jul 22, 2013, 4:48:10 PM7/22/13
to webpass...@googlegroups.com
The admin guide is good, and I have no trouble following it ... but has someone drafted a tutorial?

(I see that this was mentioned in August of 12 but nothing since.)

I will allow that getting intimate with Tomcat and mssql and so on is a good thing but I'd _really_ just like to get this up and running to show the boss so he can decide on a Y/N for it.

Regards,

Brian

Josh

unread,
Jul 28, 2013, 7:54:47 PM7/28/13
to webpass...@googlegroups.com
No I haven't had the time yet.  Although I'd like to use this space to collect ideas of what people would like tutorials on.  Obviously deeper than the administrator and developer guides current go, mainly for those without Java experience, but to what detail? Which subjects/areas in particular?  Thanks.

Huan Nguyen

unread,
Oct 2, 2013, 3:47:11 PM10/2/13
to webpass...@googlegroups.com
I like to begin using this product. Is there a detail instruction on how to get this install and going? I looked at http://webpasswordsafe.googlecode.com/svn-history/r96/trunk/docs/install.txt but it doesn't really help. Any help would be appreciated. thanks.

Josh

unread,
Jan 5, 2014, 7:11:37 AM1/5/14
to webpass...@googlegroups.com

Jonathon

unread,
Mar 13, 2014, 5:20:19 AM3/13/14
to webpass...@googlegroups.com
Here's how I got it running on Debian 7:

sudo apt-get install openjdk-7-jdk mysql-server libmysql-java tomcat7 maven

(define mysql_root_password during installation)

sudo vi /etc/environment
    add paths:
        export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64
        export CATALINA_HOME=/usr/share/tomcat7
        export MAVEN_HOME=/usr/share/maven

source /etc/environment

mysql -u root -p
    set up database:
        mysql> create database webpasswordsafe;
        mysql> create user wps@localhost identified by 'mysql_wps_password';
        mysql> grant all privileges on webpasswordsafe.* to wps@localhost;
        mysql> grant usage on webpasswordsafe.* to wps@localhost;
        mysql> flush privileges;
        mysql> exit

Download JCE from http://www.oracle.com/technetwork/java/javase/downloads/index.html
The link is at bottom of page: Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7
   
unzip UnlimitedJCEPolicyJDK7.zip
sudo cp UnlimitedJCEPolicy/*.jar $JAVA_HOME/jre/lib/security/

wget http://webpasswordsafe.googlecode.com/files/webpasswordsafe-src-1.3.zip
wget http://webpasswordsafe.googlecode.com/files/webpasswordsafe-dependencies-bin-1.2.zip
unzip webpasswordsafe-src-1.3.zip
cp /usr/share/java/mysql-connector-java.jar webpasswordsafe/war/WEB-INF/lib/

mv webpasswordsafe-dependencies-bin-1.2.zip /tmp
cd /tmp
unzip webpasswordsafe-dependencies-bin-1.2.zip
cp -r webpasswordsafe-dependencies-bin/resources/* ~/webpasswordsafe/war/gxt/

mvn install:install-file -DgroupId=com.extjs -DartifactId=gxt -Dversion=2.2.5 -Dpackaging=jar -Dfile=gxt-2.2.5-gwt22.jar
mvn install:install-file -DgroupId=net.sf.gwt-widget -DartifactId=gwt-sl -Dversion=1.1 -Dpackaging=jar -Dfile=gwt-sl-1.1.jar
mvn install:install-file -DgroupId=trove -DartifactId=trove -Dversion=2.0.4 -Dpackaging=jar -Dfile=trove-2.0.4.jar

cd ~

vi webpasswordsafe/war/WEB-INF/encryption.properties
    set secret key at encryptor.jasypt.password
    I assume that the default encryption algorithm is ok.

vi webpasswordsafe/war/WEB-INF/jdbc.properties
    set db user key
        jdbc.username=wps
        jdbc.password=mysql_wps_password

    uncomment mysql config:
        # MySQL/MariaDB settings
        hibernate.dialect=org.hibernate.dialect.MySQL5InnoDBDialect
        jdbc.driverClassName=com.mysql.jdbc.Driver
        jdbc.url=jdbc:mysql://localhost:3306/webpasswordsafe
        jdbc.validationQuery=select 1


vi webpasswordsafe/war/WEB-INF/webpasswordsafe-service.xml
    I didn't change anything. By default local authentication is used and that's ok for me

cd webpasswordsafe

mvn clean package
    have a cup of tea - it takes a while
    The result wil be a .war (web archive) file

sudo /etc/init.d/tomcat7 stop
sudo cp target/webpasswordsafe-1.3.war /var/lib/tomcat7/webapps/
sudo /etc/init.d/tomcat7 start

On Debian, the tomcat auto-deploy feature is enabled by default. Just placing the .war file there and starting the server will install it.

Give it a test drive http://<host>:8080/webpasswordsafe-1.3

Rene Purcell

unread,
Apr 27, 2014, 1:43:13 PM4/27/14
to webpass...@googlegroups.com
Thanks for this quick howto, it saved me few precious minutes!

I've just added a complet post on my blog on howto install the WAR version on CentOS 6


I've added two other howto on installing JAVA+JCE and Tomcat. I would need some input on those documentation if someone is willing to try and comment!

Thanks

Tanguy Mezzano

unread,
Jul 11, 2014, 10:32:17 AM7/11/14
to webpass...@googlegroups.com
Hi,

I've installed webpasswordsafe-1.3 on an opensuse 13.1 and I'm stuck with the "Sesstion Timeout. Please login again." problem.
The context is a mysql connection with apache2 web server.

What would be the configuration of tomcat server.xml and apache2 *.conf files to bypass that bug?

Thanks,

Tanguy

Jonathon

unread,
Aug 4, 2014, 12:10:01 AM8/4/14
to webpass...@googlegroups.com
I was too lazy to set up Apache since I am using wps in a lab with low traffic, and so can get away with using the Tomcat built-in web server.

I used the following sites to try to make it secure (I am no expert in this field):

First generate and install an SSL certificate:

     sudo /etc/init.d/tomcat7 stop
     $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore ~/keystore
     sudo mv keystore /etc/tomcat7/keystore
     sudo chown root.tomcat7 /etc/tomcat7/keystore
     sudo chmod 440 /etc/tomcat7/keystore

Configure Tomcat properties:

     sudo vi /etc/tomcat7/server.xml

Disable the remote shutdown port:

        <Server port="-1" shutdown="SHUTDOWN">
 

Comment out the http connector, enable SSL and specify secure chiphers:

            <!--
            <Connector port="8080" protocol="HTTP/1.1"
                    connectionTimeout="20000"
                    URIEncoding="UTF-8"
                    redirectPort="8443" />
            -->

        <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               Server=" "
               Secure="true"
               keystoreFile="/etc/tomcat7/keystore"
               keystorePass="the_keystore_password"
               clientAuth="false" sslProtocol="SSL" 
               ciphers="SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" />


Restrict access to the file, and start up Tomcat:

     sudo chmod 440 /etc/tomcat7/server.xml
     sudo /etc/init.d/tomcat7 start

Test that the https connection works: https://[host]:8443

This doesn't actually answer your question, sorry about that.
Reply all
Reply to author
Forward
Message has been deleted
Message has been deleted
0 new messages