Skip to content

Instantly share code, notes, and snippets.

@justingarrick
Last active September 19, 2018 06:18
Show Gist options
  • Save justingarrick/2589213 to your computer and use it in GitHub Desktop.
Save justingarrick/2589213 to your computer and use it in GitHub Desktop.
Setup OpenGrok on Tomcat (/w LDAP) to Search SVN
These instructions are an amalgamation of those posted at http://jdevel.wordpress.com/2011/03/26/running-opengrok-on-windows/ and my own experience.
To setup OpenGrok on Windows running under Tomcat:
1. Download OpenGrok binary. Just go to OpenGrok Home and download the latest (0.10, currently) binary
2. Download ctags. Just go to ctags, download windows zip file and extract it somewhere.
3. Edit web.xml. You need to extract lib/source.war somewhere and modify WEB-INF/web.xml slightly. I’ve modified the CONFIGURATION param to point to my generated configuration.xml file(more about it later) and added SRC_ROOT and DATA_ROOT to point to folder with sources to index and folder that OpenGrok should keep it’s data in (I’m not sure if these two are needed if you pass in configuration.xml)
<context-param>
<param-name>CONFIGURATION</param-name>
<param-value>D:/GrokTest/configuration.xml</param-value>
<description>Full path to the configuration file where OpenGrok can read it's configuration</description>
</context-param>
<context-param>
<param-name>SRC_ROOT</param-name>
<param-value>C:/opengrok/src_root</param-value>
</context-param>
<context-param>
<param-name>DATA_ROOT</param-name>
<param-value>C:/opengrok/data_root</param-value>
</context-param>
4. Deploy web app on Tomcat 6+. You can deploy it as an exploded directory or zip it into a .war if you like.
5. Index source/generate configuration.xml. OpenGrok has nice config generation tool. Just go to PATH_TO_OPENGROK/lib and launch:
java -jar opengrok.jar -W D:\GrokTest\configuration.xml -c <<path_to_ctags>>\ctags.exe -P -S -v -H -s D:\GrokTest\src -d D:\GrokTest\grokdata
You can omit -P if you don’t need projects (first level directories are considered projects with this option, not as source folders). This will index your source files and generate configuration.xml.
Now start Tomcat (PATH_TO_TOMCAT\bin\startup.bat) and check http://localhost:8080/source to make sure it's running. Try to search, should work fine.
If you change source you have to re-index and overwrite configuration.xml if you added/removed projects.
To setup automatic updates/reindexing, I created the following batch file:
cd c:\opengrok\src_root
for /f "delims=" %%i in ('dir /ad/b') do svn update %%i
cd c:\opengrok\lib
java -jar opengrok.jar -R c:\opengrok\configuration.xml -H
The batch file is run by a scheduled task, so the source is updated and reindexed at whatever interval you like
To add authentication, you can configure Tomcat for LDAP/AD auth by adding a JNDIRealm to the LockOutRealm in <Tomcat>\conf\server.xml, e.g.:
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://yourdomaincontroller.yourdomain.com:389"
connectionName="[email protected]"
connectionPassword="password"
referrals="follow"
userBase="DC=yourdomain,DC=com"
userSearch="(sAMAccountName={0})"
userSubtree="true"
roleBase="DC=yourdomain,DC=com"
roleName="cn"
roleSubtree="true"
roleSearch="(member={0})"
allRolesMode="strictAuthOnly"
/>
</Realm>
Then, select the LDAP roles (Active Directory groups) you want to allow to login, and add them to <Tomcat>\webapps\<OpenGrok>\WEB-INF\web.xml under the root <web-app> element, e.g.:
<security-constraint>
<web-resource-collection>
<web-resource-name>Site</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>DLG-HMS-DEVLPR-GVL</role-name>
<role-name>DLG-NA-NGPMS</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>YOUR-DEV-GROUP</role-name>
<role-name>YOUR-QA-GROUP</role-name>
</security-role>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment