TOC
Introduction 6
Plan the Installation 7
System Requirements 8
Software Requirements 9
Operating Systems 9
Databases 9
Additional Components 9
Hardware Requirements 10
Journey Manager Application Servers 10
Database Servers 10
Installation Process 11
Configure Database Server 12
Configure MySQL Database 13
Configure Binary Storage 13
Create Database 13
Create Tables 14
Create Indexes 14
Configure Oracle Database 15
Create Database 15
Create Tables 15
Remove Sequences 15
Create Sequences 16
Configure SQL Server 17
Configure TCP/IP Connectivity 17
Create Database 18
Create Tables 21
Page 1 of 130
Create Indexes 21
Run the Installer 23
Create a Dedicated User - Linux 24
Scripted Installation Mode 25
Installation Setup Wizard 28
Interactive Installation GUI Mode 29
Interactive Installation CLI Mode 30
Installation Modes 31
License Key 32
OS Version - Linux 33
Database Server 34
PDF Receipt Services 35
Server Memory 36
Security Configuration 37
Installation Directory 38
Modules and Form Spaces 40
Server Monitoring Form 41
Logging Configuration 42
Configure Database 43
Perform Installation 44
Create a Service 45
Microsoft Windows 45
Linux 45
Linux Service Script 46
- 2 -
Install Additional Components - Linux 49
Configure the Proxy 50
Installation Details 51
Add Multiple Journey Manager Nodes 52
Configure Journey Manager 53
Start the Journey Manager Service 54
First Administrator Login 56
Harden Administrator Access 58
Disable the Administrator's Account 59
Configure Module Context Paths 62
Configure Environment Properties 63
Configure Email Settings 65
Data Retention Management 66
Chromium Puppeteer Receipt Service 67
Install Chromium Puppeteer - CentOS 7 68
Install Chromium Puppeteer - Windows 71
Configure Apache Server 72
Microsoft IIS Users 72
Configure Apache Server - Windows 73
Configure Apache Server - Linux 76
Add Form Spaces 80
Configure Virus Scanner 81
Configure ClamAV 82
Configure Symantec Scan Engine 83
- 3 -
Upgrade Journey Manager 84
Data Retention Policy Mode 86
Back up the Journey Manager Database 87
Upgrade Journey Manager Server 88
Reinstall Journey Manager 89
Update a Service - Linux 91
Update the Journey Manager Database 92
Update Apache Configuration 94
Verify the Server Upgrade 96
Clean up the JDK Folder 97
Installation Rollback 98
Upgrade Checklist 100
Upgrade Previous Versions 101
Version 5.0 Upgrade 102
Form Work Space Changes 103
Updated Default Configurations 104
Version 5.1 Upgrade 105
Form Work Space Changes 106
Important Notes 106
Version 17.10 Upgrade 107
Apache 2.4 Support 108
New DB Unique Indexes 109
Dynamic PDF Receipt 2 Service 111
Form Work Space Changes 113
- 4 -
Important Notes 113
Version 18.05 Upgrade 115
Submission Data DB Indexes 116
Form Work Space Changes 118
Important Notes 118
Version 18.11 Upgrade 119
Removal of Maguire Example 120
Form Work Space Changes 121
Important Note: 121
Version 19.5 Upgrade 122
Removal of BIRT Report Module 123
Installation Checklist 124
Installation Prerequisites 125
Database Checklist 126
Journey Manager Checklist 127
Apache Checklist 128
ClamAV Checklist 129
Security Checklist 130
- 5 -
Introduction | System Administrator |
Before you can start using Journey Manager, you must correctly install and configure it. This is easy to do by following this
documentation, which is designed and written for product evaluators, administrators, as well as developers. However, to
install Journey Manager on CentOS Linux, Oracle Linux, Red Hat Enterprise Linux or Microsoft Windows operating sys-
tems, you should be familiar with your target operating system and its administration.
The installation documentation is version specific, because each installer may require some additional steps to be per-
formed before, during or after the installation or upgrade process. This documentation is for Journey Manager version
19.05 and 19.11. For the previous versions of Journey Manager, see the installation guides listed below:
Release Version Installation Guide
18.11 tm_installation_guide_v18.11.pdf
18.05 tm_installation_guide_v18.05.pdf
17.10 tm_installation_guide_v17.10.pdf
5.1 tm_installation_guide_v5.1.pdf
4.3 tm_installation_guide_v4.3.pdf
Avoka is now a part of Temenos, so the product names have been changed. This includes Transact Manager, which has
been re-branded as Journey Manager and the change has been applied in the release 19.5.0. The modules have also been
re-branded, so Transact Maestro has become Journey Maestro and so on.
The user interfaces have been re-branded, however, to ensure a smooth upgrade for our client base, the following items
retain the Avoka Transact names in the 19.5.0 release:
l Installer file name: avoka-tm-setup-19.5.0-win-x64.jar or avoka-tm-setup-19.5.0-linux-x64.-jar
l Default installation directory: /opt/avoka/transact/manager or C:/avoka/transact/manager
l Default database schema and user names: txmanager
l Service names: Avoka Transaction Manager (Windows ) or txmanager (Linux)
l Module names and the corresponding WAR files names: Transact Manager or tm-manager.war
l Code module paths to ensure that existing custom Groovy scripts work, for example, Fluent API com.a-voka.tm.vo.Txn
Next
Introduction - 6 -
Plan the Installation | System Administrator |
Before you start your installation:
l Ensure you have read this installation guide.
l If you are upgrading Journey Manager, see upgrade Journey Manager.
Next
Plan the Installation - 7 -
System Requirements | System Administrator |
This section discusses the Journey Manager system requirements.
Next
System Requirements - 8 -
Software Requirements | System Administrator |
Operating Systems
l CentOS Linux 7 on Intel x86-64 (recommended)
l CentOS Linux 6 on Intel x86-64 (supported)
l Oracle Linux 6 (Unbreakable Enterprise Kernel) on Intel x86-64
l Red Hat Enterprise Linux Server AP 7 on Intel x86-64
l Microsoft Windows Server 2016 on Intel x86-64
Databases
l AWS Aurora RDS (MySQL-Compatible Edition)
l Oracle Database 12c and 11g
l Microsoft SQL Server 2017, 2014 and 2012
l MySQL 5.7, 5.6 and 5.5 (InnoDB storage engine only)
Additional Components
l Apache Web Server 2.4 (recommended)
l Apache Web Server 2.2 (supported)
l SSL TLS server certificate to enable HTTPS in Journey Manager
l ClamAV for Linux
l Symantec Scan Engine 5.2 for Windows
Next
Software Requirements - 9 -
Hardware Requirements | System Administrator |
Journey Manager Application Servers
Journey Manager runs best on the Intel x86-64 Xeon CPU architectures with high CPU performance. For on premise
deployment, we recommend server virtualization, such as VMware or Microsoft Hyper-V, to enable better hardware util-
ization and improve operational support.
The recommended application server specification is:
l Intel Xeon Processors 8 Cores with 2.4 GHz or greater clock speed (4 Cores minimum).
l 16 GB of RAM (8 GB minimum).
l 50 GB of local disk storage.
l 1 TB of shared SAN or NAS storage for shared transaction data, such as PDF receipts and file attachments. Shared
SAN or NAS storage must be highly available.
l I/O subsystem should support 2000 IOPS or greater.
Minimum configurations are only suitable for non-production environments or lower environments not being used for per-
formance load testing.
Database Servers
The database is a critical component in our architecture and must provide high availability to the application server nodes.
The database server should support 2000 IOPS or greater.
The recommended database server specification is
l Intel Xeon Processors (8 Cores) with 2.4 GHz or greater clock speed.
l 16 GB of RAM.
l 500 GB of storage.
For non production databases, you can use a single database server, which supports multiple Manager databases and
schemas in UAT, Test, Dev.
Next
Hardware Requirements - 10 -
Installation Process | System Administrator |
This chapter describes how to install a new Journey Manager instance.
If you are upgrading a Manager instance, see upgrade Journey Manager.
Next
Installation Process - 11 -
Configure Database Server | System Administrator |
The first step in performing a Journey Manager installation is to create a database schema to store and manage the Jour-
ney Manager's configurations, transactions and various reporting data.
Next
Configure Database Server - 12 -
Configure MySQL Database | System Administrator |
Configure Binary Storage
To configure the MySQL server to store large binary files:
1. Stop the MySQL database.
2. Edit the MySQL configuration file: $MYSQL/my.cnf or $MYSQL\my.ini.
3. Enable the Max. packet size option and set the maximum packet size to 100 M to store large BLOB records.
4. Set the start up parameter: max_allowed_packet=100M
5. Add the InnoDB log file size start up parameter: innodb_log_file_size=1G. This is for MySQL v5.6 data-
bases only.
6. Restart the MySQL database to apply the changes.
Create Database
To create the MySQL database:
1. Log onto mysql as a root user:
mysql -u root -p
2. Create a txmanager user:
CREATE USER 'txmanager'@'localhost' IDENTIFIED BY 'your_password';
Use a hardened password and record it, as you will need it when running the Journey Manager installer.
3. Create a txmanager database:
CREATE SCHEMA `txmanager` DEFAULT CHARACTER SET utf8 COLLATE utf8_uni-code_ci;
4. Grant database privileges to the txmanager user:
GRANT ALL PRIVILEGES ON txmanager.* TO 'txmanager'@'localhost' IDENTIFIED BY 'your_password'; FLUSH PRIVILEGES;
Configure MySQL Database - 13 -
Create Tables
During the Journey Manager installation, you can select the option to automatically create the database tables. However, if
you want to create the database tables manually, you can execute the following scripts:
mysql -u txmanager -p password < [JM install folder]/sql/setup-db-mysql.sql mysql -u txmanager -p password < [JM install folder]/sql/setup-db-history-mysql.sql
Create Indexes
The following database indexes may be missing in Journey Manager prior to version 19.11, so you need to add them manu-
ally to enhance Journey Manager performance. |
To create new database indexes:
1. Log onto mysql as a root user.
2. Execute the following queries:
create unique index ui_job_reference_number on job (reference_number); create unique index ui_release_version_number on release_version (ver-sion_number); create unique index ui_submission_attribute on submission_attribute (sub-mission_oid, attribute_type); create unique index ui_submission_group on submission_group (submission_oid, group_oid); create unique index ui_submission_property_name on submission_property (submission_oid, property_name); create index ix_lib_res_hist_lib_res_oid on library_resource_history (lib-rary_resource_oid); create index ix_schema_extrt_map_client_oid on schema_extract_map (schema_oid); create index ix_sub_prop_sch_submission_oid ON submission_property_search(submission_oid);
Next
Configure MySQL Database - 14 -
Configure Oracle Database | System Administrator |
Create Database
To create the Oracle database:
1. Log onto SQL*Plus as a system user.
2. Create a txmanager user:
CREATE USER txmanager IDENTIFIED BY your_password;
Use a hardened password and record it, as you will need it when running the Journey Manager installer.
3. Grant connect and resource roles to the txmanager user:
grant connect, resource to txmanager;
Create Tables
During the Journey Manager installation, you can select the option to automatically create the database tables. However, if
you want to create the database tables manually, you can execute the following command after installing Journey Man-
ager:
1. Log onto SQL *Plus as the txmanager user:
connect txmanager/your_password
2. Execute the SQL scripts:
@[JM artifacts folder]\sql\setup-db-oracle.sql @[JM artifacts folder]\sql\setup-db-history-oracle.sql
Replace [JM artifacts folder] with your installation directory.
Remove Sequences
Several database sequences are no longer used in Journey Manager v19.11 , so you can remove them to save some
space. |
To remove the existing database sequences:
Configure Oracle Database - 15 -
1. Log onto SQL *Plus.
2. Execute the following queries:
DROP PK_XML_INPUT_VERSION; DROP PK_FINDER_CATEGORY; DROP PK_OFFLINE_SUBMISSION_FORM; DROP PK_MANAGED_PACKAGE; DROP PK_MANAGED_PACKAGE_DATA;
Create Sequences
A new sequence has been introduced in Journey Manager v19.11, so you need to create it, if it doesn't exist already. |
To create a new database sequence:
1. Log onto SQL *Plus.
2. Execute the following query:
CREATE PK_SUBMISSION_PROPERTY_SEARCH;
Next
Configure Oracle Database - 16 -
Configure SQL Server | System Administrator |
Configure TCP/IP Connectivity
Journey Manager connects to the SQL Server database using JDBC drivers, which use the TCP/IP protocol, so you need
to enable TCP/IP connectivity.
To enable TCP/IP connectivity:
1. Log onto the SQL server and open SQL Server Configuration Manager.
2. Navigate to SQL Server Network Configuration and double click TCP/IP.
3. Select it as Enabled and click Apply.
4. Select the IP Addresses tab and scroll down to the TCP Port setting. The default value is 1433, which the installer
uses to configure the SQL database connection. If you have configured an TCP Port other than 1433, take a note of
it, so you can use it later during installation.
5. Click OK.
Configure SQL Server - 17 -
Create Database
1. Log onto the Microsoft SQL Server Management Studio as the admin user, which is sa.
2. Enter the txmanager in the Database name field and sa in the Owner field to create a new database.
3. Select the Options tab and adjust the database collation, so it is in line with the languages that will be used in Jour-
ney Manager's form spaces and forms. For example, you should use the Latin1 collation for Western European lan-
guages.
To check the collation of the SQL server instance, right click a server instance and select Properties.
Configure SQL Server - 18 -
4. Select Security > Logins to create a txmanager user.
Configure SQL Server - 19 -
5. Enter txmanager in the Login name field.
6. Create a password in the SQL Server authentication. Make a note of the password as you will need it during the
Journey Manager installation.
7. Select txmanager from the Default database dropdown list.
8. Select Databases > txmanager > Security > Users to associate a new user login with database using the fol-
lowing details:
l User name: txmanager
l Login name: txmanager
l Default schema: dbo
l Role Members: db_owner
Configure SQL Server - 20 -
9. Click OK.
Create Tables
During the Journey Manager installation, you can select the option to automatically create the database tables. However, if
you want to create the database tables manually, you can execute the following command after installing Journey Man-
ager:
1. Log onto the Microsoft SQL Server Management Studio as the txmanager user.
2. Open a new query window and execute the SQL scripts:
[JM artefact folder]\sql\setup-db-sqlServer.sql [JM artefact folder]\sql\setup-db-history-sqlServer.sql
Create Indexes
The following database indexes may be missing in Journey Manager prior to version 19.11, so you need to add them manu-
ally to enhance Journey Manager performance. |
To create new database indexes:
Configure SQL Server - 21 -
1. Log onto the Microsoft SQL Server Management Studio as the txmanager user.
2. Execute the following queries:
create unique index ui_job_reference_number on job (reference_number); create unique index ui_release_version_number on release_version (ver-sion_number); create unique index ui_submission_attribute on submission_attribute (sub-mission_oid, attribute_type); create unique index ui_submission_group on submission_group (submission_oid, group_oid); create unique index ui_submission_property_name on submission_property (submission_oid, property_name); create index ix_lib_res_hist_lib_res_oid on library_resource_history (lib-rary_resource_oid); create index ix_schema_extrt_map_client_oid on schema_extract_map (schema_oid); create index ix_sub_prop_sch_submission_oid ON submission_property_search(submission_oid);
Next
Configure SQL Server - 22 -
Run the Installer | System Administrator |
Journey Manager is distributed via an installer, which you can run in 3 different modes:
l Interactive GUI Mode - it uses a Setup Wizard, which leads you through a series of questions and then performs the
installation.
l Interactive CLI Mode - it uses a Command Line Interface (CLI) interactive mode, which runs you through the same
questions via the command line interface.
l Scripted CLI Mode - it uses a configuration properties file to perform the installation automatically.
We recommend using the scripted CLI mode for non-development environments to minimize the number of human errors.
You can also automate the installation and upgrade processes, which follows the DevOps best practices.
Next
Run the Installer - 23 -
Create a Dedicated User - Linux | System Administrator |
For security reasons, Journey Manager and related services must be run by a dedicated user, which is not a root user, so
you must create a new tmuser user, If it doesn't exist.
Always run the installer as the tmuser user.
To create the tmuser user on Linux:
1. Log onto a Linux server as root.
2. Create a new tmuser user:
useradd tmuser passwd tmuser
3. Run visudo to grant the sudo access to tmuser.
4. Add the following line to the end of the configuration file using the vi syntax:
tmuser ALL=(ALL) ALL
5. Save the configuration and exit theeditor.
6. Log out as root.
7. Log in as tmuser.
8. Create Manager directories with the correct permissions for the new user:
sudo mkdir /data sudo chown -R tmuser /data
Use /data as the destination directory for the installer. You can use a different directory, but it must be
accessible to the tmuser user.
Next
Create a Dedicated User - Linux - 24 -
Scripted Installation Mode | System Administrator |
You can automate the Journey Manager installation, which is useful when you must install our software on several servers.
The Journey Manager installer comes with CLI, which allows you to specify a property file with the installation con-
figuration, using the -config command line parameter, as shown below:
Windows
java -jar avoka-tm-setup-19.5.0-win-x64.jar -config tm-installer.properties
Linux
java -jar avoka-tm-setup-19.5.0-linux-x64.jar -config tm-installer.properties
An example tm-installer.properties file is provided below:
## Temenos Journey Manager setup task you want to perform # install | upgrade-server | init-database | custom-portal deployment.mode=install ## Temenos Journey Manager License Key system.license.key= ## Temenos Journey Manager deployment environment # aws | onprem deployment.env=onprem ## Enforce Organization data isolation # true | false enforce.data.isolation=true ## Data Retention Policy Mode # strict | relaxed data.retention.policy=strict ### Databse setup ## Database server type that will be used for Temenos Journey Manager # mysql | oracle | sqlserver database.product=mysql ## Server hosting the database # localhost | etc database.server=localhost ## Database port # 3306 | 1521 | 1433 | etc
Scripted Installation Mode - 25 -
database.port=3306 ## Database schema name that Journey Manager will be using. This database must already exist. # txmanager | etc database.schema=txmanager ## Database user that Journey Manager will be using. This user must already exist. # txmanager | etc database.user=txmanager ## Database user's password database.password=password ## Create the database tables automatically. ## The database/schema must already exist and the login must also have per-mission to login and create the tables. # true | false database.create=true #### Application server setup ## Directory where Journey Manager server is installed # /opt/avoka/transact/manager | C:/avoka/transact/manager | etc install.destination.dir=C:/avoka/transact/manager ## Directory where installer setup files will be created # /usr/avoka-tm-setup | C:/avoka-tm-setup | etc install.dir=C:/avoka-tm-setup ## Directory to backup the Journey Manager server to # /data/avoka-tm-backup | C:/avoka-tm-backup | etc backup.dir=C:/avoka-tm-backup ## Clean up server module JARs # true | false cleanup.modules=true ## Journey Manager Server Memory (Mb) # 8192 | 4096 | 2048 | 512 java.heap.size=8192 # Java GC Memory (MB) - set to half the value of java.heap.size java.xmn.size=4096 ## Use secure cookies (HTTPS) # true | false cookie.secure=true ## Use only the secure Journey Manager Fluent SDK # true | false groovy.secure.api=false ### Modules and Spaces
Scripted Installation Mode - 26 -
## Journey Manager # true | false deploy.manager=true ## Web Plugin # true | false deploy.web.plugin=true ## Work Space # true | false deploy.work.space=true ## Salesforce Space # true | false deploy.salesforce.space=false ## Server Monitoring Form # true | false deploy.monitoring.form=true ## Receipt Server # true | false deploy.receipt.server=true ## Maguire Org, Space, Forms and Services # true | false deploy.example.content=false ## PDF receipt generation services to be used with Temenos Journey Manager # none | 10.0.2 livecycle.version=none ## Logging date/time format log.date.format=%d{yyyy-MM-dd'T'HH:mm:ss.SSSz} %-5p [%c] (%t) %s%E%n
You must obtain your system license, which is the system.license.key value, from Temenos before per-
forming the installation. Each separate Manager environment, such as PROD, TEST, and DEV, needs its own
license key. Developers can also obtain a license key for local development usage.
Next
Scripted Installation Mode - 27 -
Installation Setup Wizard | System Administrator |
You must have JDK 1.7 or later installed on your server to be able to install Journey Manager.
To check which Java version is installed on the server, run the java -version command.
Windows
You need run to the installer with administrator privileges, namely Run as Administrator , so it can create the Journey
Manager Windows service.
Linux
You need to run the installer as the dedicated tmuser user.
Next
Installation Setup Wizard - 28 -
Interactive Installation GUI Mode | System Administrator |
To install Journey Manager using the interactive mode, run the following commands from the installation folder on your
operating system:
Windows
java -jar avoka-tm-setup-19.5.0-win-x64.jar
Linux
java -jar avoka-tm-setup-19.5.0-linux-x64.jar
Make sure a Linux tmuser user has read and write permissions on the installation folder, so the installer can run
successfully. For more information, see create a dedicated user.
After this command runs, you should see the Journey Manager welcome screen, so you can proceed with the installation..
Next
Interactive Installation GUI Mode - 29 -
Interactive Installation CLI Mode | System Administrator |
The Journey Manager installer normally interacts with a user via GUI, but you can also run it in text-only mode so it inter-
acts with a user via CLI. The installation steps are the same, but the choices are all presented on the console.
To install Journey Manager using the interactive CLI mode, run the following commands from the Journey Manager install-
ation folder:
Windows
java -jar avoka-tm-setup-19.5.0-win-x64.jar text
Linux
java -jar avoka-tm-setup-19.5.0-linux-x64.jar text
Next
Interactive Installation CLI Mode - 30 -
Installation Modes | System Administrator |
The Journey Manager installer allows you to specify your installation options on the Installation Mode Setup screen:
To choose the installation modes and deployment environments:
1. Select the setup task, which can be:
l Install a new Journey Manager server.
l Upgrade an existing Journey Manager server, which must be version 4.3 or higher.
l Configure a Journey Manager server to use a database.
l Build a custom user portal.
2. Select the environment where to install Journey Manager:
l AWS Cloud - if a server is hosted on the Amazon cloud.
l On Premise- if a server is hosted on client premises.
The deployment mode affects what screens are shown in the installer, so ensure you select the correct set-
ting to avoid any installation issues.
3. Click Next.
This documentation only describes how to install and upgrade Journey Manager.
Next
Installation Modes - 31 -
License Key | System Administrator |
The License Key screen allows you to enter the license key for your Journey Manager server. It is not permitted to install
or run a Journey Manager server without a valid license key, so you must request it from Temenos before the installation.
You will need to use the license key for each Manager installation and upgrade, including development and test envir-
onments.
To specify the license key:
1. Enter the license key in the Journey Manager Server License Key field.
Make a record of the license keys and keep it handy as you need them to install or upgrade a Journey Man-
ager server using the installer.
2. Click Next.
A Journey Manager instance maps to a Journey Manager database, such as Prod, UAT, Test, and Dev. Each Journey Man-
ager instances can comprise several server nodes. Typically, a production Journey Manager instance has at least 2 server
nodes to provide high availability, while a development Journey Manager instance has only 1 server node.
If Journey Manager servers are deployed on premise, the network firewall rules must be configured to allow Journey Man-
ager server nodes to upload license compliance reports to https://s3-us-west-2.amazonaws.com. License compliance
reports contain transaction licensing meta data that are automatically uploaded at the end of each day. If the license report-
ing can't be uploaded, errors are thrown and recorded in the error log.
Next
License Key - 32 -
OS Version - Linux | System Administrator |
The OS Version screen allows you to select your target Operation System version, so the Journey Manager installer uses
correct libraries.
To specify the target OS version:
1. Select one of the following:
l CentOS 7
l CentOS 6
2. Click Next.
Next
OS Version - Linux - 33 -
Database Server | System Administrator |
The Database Server screen allows you to select a database server that Journey Manager will use to store and manage
its data. The installer configures Journey Manager and relevant applications based on your selection. If you need to
change the database later, you can do it by re-installing Journey Manager again. However, the data won't be migrated to
the new database.
You can only see this screen if you've chosen the on premise installation. For the AWS cloud installation,
Amazon RDS Aurora is used.
To specify a database:
1. Select one of the following:
l MySQL 5.7, 5.6 and 5.5
l Oracle 12c and 11g
l SQL Server up to 2017 with unicode support
If you are upgrading an existing Journey Manager server, select the database currently configured for your
server.
2. Click Next.
Next
Database Server - 34 -
PDF Receipt Services | System Administrator |
The PDF Receipt Services screen allows you to specify services that Journey Manager will use to generate PDF
receipts. The installer configures Journey Manager's services based on your selection.
You can only see this screen if you've chosen the on premise installation.
To specify a receipt generator:
1. Select one of the following:
l Default Services
l Adobe LiveCycle ES4 or ES3. |
2. Click Next.
Next
PDF Receipt Services - 35 -
Server Memory | System Administrator |
The Journey Manager Server Memory screen allows you to configure how much memory will be available to your Jour-
ney Manager server.
To specify the correct memory settings:
1. Select the Java Max Memory, which is the amount of memory that will be available to the Journey Manager applic-
ation server:
l 12 GB RAM
l 8 GB RAM
l 4 GB RAM
l 1 GB RAM - development environments only
2. Select the Java GC Memory, which is the garbage collector memory that must be at least half of the Java Max
Memory value:
l 6 GB RAM
l 4 GB RAM
l 2 GB RAM
l 0.5 GB RAM - development environments only
3. Click Next.
Next
Server Memory - 36 -
Security Configuration | System Administrator |
The Security Configuration screen allows you to configure several important Journey Manager security settings.
To specify the security settings:
1. Select the Use secure cookies (HTTPS) checkbox to harden the Journey Manager security, so users can only log
onto the system over the secure HTTPS protocol. You must select this option for production and system testing
environments. For development or evaluation purposes, you don't need to select this option.
We strongly recommend you to use SSL with certificates issued by a valid CA on all servers, including non-pro-
duction servers.Don't use self-signed certificates, as they can cause many non-existent issues, which are hard to troubleshoot.
2. Select the Use only the Fluent API checkbox so services can use the Journey Manager's Fluent API only. If not
selected, developers can create dynamic Groovy services using legacy mode.
3. Select the Enforce Org. data isolation checkbox to limit Groovy services data access to the organization where
the services are running. This ensures Groovy services are not able to access user transaction data or application
configurations outside of their organization security context.
4. Click Next.
Next
Security Configuration - 37 -
Installation Directory | System Administrator |
The Installation Directory screen allows you to configure the directories where Journey Manager will be installed or
upgraded. These directories are slightly different, as described below.
To specify the server's installation directories:
1. Select a directory from the Journey Manager server field, where to install Journey Manager.
2. Select a directory from the Setup installation directory field, where the installer will store the deployment modules
and resources that are not deployed to Journey Manager, such as SQL table create scripts, LiveCycle archives and
so on.
3. Click Next.
To specify the server's upgrade directories:
1. Ensure the Journey Manager service is stopped.
2. Select a directory from the Journey Manager server field, where to upgrade Journey Manager.
3. Select a backup directory from the Backup directory field, where the installer will create a backup of the current
Journey Manager server's directory before the upgrade.
4. Select a directory from the Setup installation directory field, where the installer will store the deployment modules
and resources that are not deployed to Journey Manager, such as SQL table create scripts, LiveCycle archives.
Installation Directory - 38 -
If the Setup installation and the Backup directory folders exist, make sure they are empty.
5. Check the target database version. is correct for the Journey Manager version to be upgraded.
6. Click Next.
Next
Installation Directory - 39 -
Modules and Form Spaces | System Administrator |
The Modules and Spaces screen allows you to choose modules and form spaces to be deployed on the Journey Man-
ager server. Depending on your solution design, you may want to have separate servers for hosting public facing and man-
agement modules.
To specify the modules and form spaces:
1. Select the Core Modules that can be:
l Journey Manager - the management console, Temenos Marketplace and Journey Analytics modules.
l Receipt Server - the background PDF generator.
2. Select the Form Spaces that can be:
l JM Web Plugin - the default Web Plugin for public facing anonymous and authenticated form applications integ-
rated with public web sites.
l JM Work Space - the default Work Space form space for business staff and often internal staff performing tasks,
collaboration jobs and help desk functions.
l JM Salesforce - a form space to support Salesforce integration.
3. Click Next.
If you need to create a custom Journey Manager Work Space, use the Create a Journey Manager Work-
space option .
Next
Modules and Form Spaces - 40 -
Server Monitoring Form | System Administrator |
The Server Monitoring Form screen allows you to deploy the Server Monitor Test form on the Journey Manager server,
which is designed to monitor server availability externally, so it can be used by your organization operational support team
(OPS).
Select the Deploy Monitoring Form checkbox to install the Transact Server Monitoring organization and the Server Mon-
itor Test form.
Next
Server Monitoring Form - 41 -
Logging Configuration | System Administrator |
The Logging Configuration page screen allows you to customize date and time format used in log files generated by
Journey Manager.
Next
Logging Configuration - 42 -
Configure Database | System Administrator |
The Database Configuration screen allows you to configure the database connection to the database server you've
selected previously. The installer will create configuration files and applications required for the specified database.
To configure the database:
1. Provide the database server name in the Server hosting the database field.
2. Provide the database port number in the Port field.
3. Enter the database name in the Database/schema name field. If you use an Oracle database, ensure you set the
database name correctly. For example, for the Oracle 11g Express Edition DB, the database name is XE.
4. Provide the database user name in the User login field.
5. Enter the database user password in the Password field.
6. Select the Create the database tables checkbox if you have already created the txmanager database and are
running the installer for the first time. The installer automatically creates the database tables and indexes. These
database operations are performed as a user you specify in the installer. If you are upgrading an existing Manager
server, the Create the database tables option is not available, because your server already uses a fully initialized
and working database. The schema will be automatically upgraded when Manager starts the first time after the
upgrade.
7. Click Next.
Next
Configure Database - 43 -
Perform Installation | System Administrator |
The Perform Installation screen allows you to review your Journey Manager installation configuration, so you can decide
whether you want to proceed or go back to correct the configuration.
To install Journey Manager, click Install.
If an error occurs during the installation, click Show Details to view the detailed installation log. You can click Back to nav-
igate to the previous screen to correct any configuration settings and then retry the installation.
Next
Perform Installation - 44 -
Create a Service | System Administrator |
Journey Manager has to be run as a OS service, so it performs as expected. This service is created differently depending
on your target OS.
Microsoft Windows
The Journey Manager installer automatically creates the Avoka Transaction Manager service, if you are installing Jour-
ney Manager on Microsoft Windows servers. The Avoka Transaction Manager service is configured as Automatic, so it
is started automatically when the Windows server is started or restarted.
Linux
You need to configure and start Journey Manager as a service using the txmanager script, if you are installing Journey
Manager on Linux servers. If you are upgrading Journey Manager, make sure you keep a copy of the previous txmanager
script.
To configure Journey Manager as a service:
1. Open an administrator command shell.
2. Navigate to the server bin installation directory, for example: /data/a-voka/transact/manager/server/bin.
3. Add execute permission (chmod +x) on all the .sh files.
4. Navigate to the database updater directory, for example: /data/a-voka/transact/manager/server/standalone/db-updater.
5. Add execute permission (chmod +x) on all the .sh files.
6. Navigate to the PhantomJS directory in the server installation directory, for example: /data/a-voka/transact/manager/phantomjs.
7. Add execute permission (chmod +x) to the PhantomJS file inside the folder: chmod +x phantomjs.
8. Navigate to the Puppeteer directory in the server installation directory, for example: /data/a-voka/transact/manager/puppeteer.
9. Add execute permission (chmod +x) to the puppeteer.sh file inside the folder: chmod +x puppeteer.sh.
10. Copy [JM artifacts folder]/linux/txmanager to the directory /etc/init.d. The "[JM arti-facts folder]" is the directory where the installer stores the artifacts it produces. The defaults is /us-r/avoka-tm-install.
11. Edit the txmanager file and ensure the variable JAVAPTH is set to JDK 11 bin directory in the installation folder.
12. Add execute permission (chmod +x) on the txmanager file.
13. Edit the txmanager file and change the associated parameters such as user, installation address, etc.
To start the service, run service txmanager start.
Create a Service - 45 -
To stop the service, run service txmanager stop.
Linux Service Script
The installer comes with the txmanager script located in [JM artifacts folder]/linux/txmanager. The
example service script is shown below:
# # $Id: jboss_init_redhat.sh 60992 2007-02-28 11:33:27Z [email protected] $ # chkconfig: 2345 65 35 # processname: txmanager # pidfile: /var/run/txmanager.pid #define where SFMANAGER is - this is the directory containing directories log, bin, conf etc SFMANAGER_HOME=${SFMANAGER_HOME:-"@{installation.dir}/server"} #define the user under which jboss will run, or use 'RUNASIS' to run as the current user SFMANAGER_USER=${SFMANAGER_USER:-"root"} #make sure java is in your path JAVAPTH=${JAVAPTH:-"@{installation.dir}/@{jdk.folder.name}/bin"} #define the script to use to start jboss SFMANAGERSH=${SFMANAGERSH:-"./standalone.sh"} SFMANAGER_CONSOLE=${SFMANAGER_CONSOLE:-"run.log"} if [ "$SFMANAGER_USER" = "RUNASIS" ]; then SUBIT="" else SUBIT="su -s /bin/bash $SFMANAGER_USER -c " fi if [ -n "$SFMANAGER_CONSOLE" -a ! -d "$SFMANAGER_CONSOLE" ]; then # ensure the file exists touch $SFMANAGER_CONSOLE if [ ! -z "$SUBIT" ]; then chown $SFMANAGER_USER $SFMANAGER_CONSOLE fi
Create a Service - 46 -
fi if [ -n "$SFMANAGER_CONSOLE" -a ! -f "$SFMANAGER_CONSOLE" ]; then echo "WARNING: location for saving console log invalid: $SFMANAGER_CONSOLE" echo "WARNING: ignoring it and using /dev/null" SFMANAGER_CONSOLE="/dev/null" fi #define what will be done with the console log SFMANAGER_CONSOLE=${SFMANAGER_CONSOLE:-"/dev/null"} SFMANAGER_CMD_UPDATE_DB="cd $SFMANAGER_HOME/standalone/db-updater; ./up-date.sh;" SFMANAGER_CMD_START="cd $SFMANAGER_HOME/bin; $SFMANAGERSH" SFMANAGER_CMD_STOP="cd $SFMANAGER_HOME/bin; ./jboss-cli.sh --connect com-mand=:shutdown" if [ -z "`echo $PATH | grep $JAVAPTH`" ]; then export PATH=$PATH:$JAVAPTH fi if [ ! -d "$SFMANAGER_HOME" ]; then echo SFMANAGER_HOME does not exist as a valid directory : $SFMANAGER_HOME exit 1 fi #echo SFMANAGER_CMD_START = $SFMANAGER_CMD_START case "$1" in start) cd $SFMANAGER_HOME/bin if [ -z "$SUBIT" ]; then eval $SFMANAGER_CMD_UPDATE_DB >${SFMANAGER_CONSOLE} 2>&1 & if [ -f $SFMANAGER_HOME/bin/db-update.success ]; then echo "Starting TM..." eval $SFMANAGER_CMD_START >${SFMANAGER_CONSOLE} 2>&1 & else echo "Aborting..." fi else
Create a Service - 47 -
$SUBIT "$SFMANAGER_CMD_UPDATE_DB >${SFMANAGER_CONSOLE} 2>&1 &" if [ -f $SFMANAGER_HOME/bin/db-update.success ]; then echo "Starting TM..." $SUBIT "$SFMANAGER_CMD_START >${SFMANAGER_CONSOLE} 2>&1 &" else echo "Aborting..." fi fi ;; stop) if [ -z "$SUBIT" ]; then $SFMANAGER_CMD_STOP else $SUBIT "$SFMANAGER_CMD_STOP" fi rm -rf $SFMANAGER_HOME/standalone/tmp ;; restart) $0 stop $0 start ;; *) echo "usage: $0 (start|stop|restart|help)" esac
Next
Create a Service - 48 -
Install Additional Components - Linux | System Administrator |
Font substitution errors can occur when rendering forms and receipts, when the form was designed using Windows fonts
which are not present on a Linux server. The Journey Manager installer includes the Microsoft Core TrueType fonts in the
msttcore package.
To install the additional Microsoft Core TrueType fonts on Linux (Centos 6.3):
1. Unzip the msttcore font package from [Manager artifacts folder]/linux/msttcore.zip to the
/usr/share/fonts directory on your server.
2. Execute the following command: sudo fc-cache -fv
To install the additional Nimbus Sans fonts, execute the following command:
sudo yum install urw-fonts
To clear the font cache and verify the font is installed, execute the following commands:
sudo fc-cache -fv sudo fc-list | grep Nimbus
To support dynamic PDF receipt rendering using PhantomJS 2, check the international component for Unicode library
libicu is installed:
sudo yum install libicu
Next
Install Additional Components - Linux - 49 -
Configure the Proxy | System Administrator |
Journey Manager can run behind a proxy server. In this case, you need to configure the proxy on the server to allow for suc-
cessful connections to external systems.
Make sure the server can connect to a Network Time Protocol (NTP) server to provide correctly server's clock syn-
chronization.
To configure the proxy server:
1. Open the [JM server folder]/server/standalone/configuration/standalone.xml file.
2. Modify or add the following lines in this file:
<system-properties> <property name="http.proxyHost" value="proxyhostURL" /> <property name="http.proxyPort" value="proxyPortNumber" /> <property name="https.proxyHost" value="proxyhostURL" /> <property name="https.proxyPort" value="proxyPortNumber" /> <property name="https.proxyUser" value="username" /> <property name="https.proxyPassword" value="password" /> <property name="http.nonProxyHosts" value-e="localhost|www.someotherhost.com" /> </system-properties>
You may not need to know the proxy's username, password or nonProxyHosts settings.
3. Save the file.
4. Restart the Journey Manager service to apply the changes.
Next
Configure the Proxy - 50 -
Installation Details | System Administrator |
The Journey Manager installer writes to log files detailed information on what and how Journey Manager software was
installed, so you can check if the installation was successful and what errors took place. The installation details may vary
depending on the installation mode.
You can find the installation log in the Journey Manager's root directory:
Windows
C:\avoka\transact\manager\installation-details.txt
Linux
/opt/avoka/transact/manager/installation-details.txt
If you run the installer again on the same server directory, for example, to upgrade Manager, the installer appends to this
file, so it's easy to keep track of the installation history.
We don't recommend to modify or remove the installation-details.txt file as it provides important information
about your server.
Next
Installation Details - 51 -
Add Multiple Journey Manager Nodes | System Administrator |
Journey Manager supports a scalable architecture based on server nodes, where each server node is a separate Journey
Manager server. In this case, you need to install multiple Journey Managers.
To add multiple Journey Manager nodes:
1. Run the installer on the first node.
2. Run the installer for every additional node with the following modifications:
l Enter the same database connection details as all Manager nodes share the same database.
l Clear the Create the database tables checkbox so the database tables are created only once.
3. Configure Manager for multiple server nodes operation.
Next
Add Multiple Journey Manager Nodes - 52 -
Configure Journey Manager | System Administrator |
The next installation step is to start Journey Manager and configure it.
Next
Configure Journey Manager - 53 -
Start the Journey Manager Service | System Administrator |
Make sure the database schema has been created before starting Journey Manager.
To start Journey Manager:
1. Open the Windows Services Management Console.
2. Select the Avoka Transaction Manager service
3. Click Start. The Journey Manager service should start in approximately 10-30 seconds, subject to the server's hard-
ware. If the database upgrades are being performed on the server's start-up, which is automatically done by Journey
Manager when a new version is deployed, the start-up time may be longer depending on the nature of the upgrades.
4. Check the Journey Manager service status is Started.
5. Check the following log files to see the progress of the Journey Manager start up:
C:\avoka\transact\manager\server\standalone\log\db-update.log C:\avoka\transact\manager\server\standalone\log\server.log
To tail the server log files on Windows servers, you can use the BareTail utility program http://www.bare-
metalsoft.com/baretail/.
Start the Journey Manager Service - 54 -
To stop Journey Manager:
1. Open the Windows Services Management Console.
2. Select the Avoka Transaction Manager service
3. Click Stop.
4. Check the service status is Stopped.
Next
Start the Journey Manager Service - 55 -
First Administrator Login | System Administrator |
After Journey Manager has started, you must log onto Manager to start using it. If you are logging for the first time, you
have to use the default administrator user credentials and then change them, so the Manager access is secure.
To log onto Journey Manager for the first time:
1. Open the http://localhost:9080/manager/ URL in your browser.
2. Type administrator in the User name field.
3. Type password in the Password field.
4. Click Log in.
5. Change the default administrator user password to a new one.
A new password must be a minimum of 12 characters and a mix of letters and digits, upper and lower case char-
acters and a special character.
You can modify the password validation rules in the Local Security Manager . For more information, see
Security > Security Managers.
6. Click Change Password. to update the password.
Make a note of your administrator password and keep it secure.
First Administrator Login - 56 -
Once you have changed the password, you access the Manager's dashboard, which has no data to show.
Next
First Administrator Login - 57 -
Harden Administrator Access | System Administrator |
One of the first things you should do with your Journey Manager instance is to harden the default administrator account.
You can use one of the two approaches:
1. Harden the default administrator password. This is automatically enforced by Journey Manager.
2. Create named user accounts for the system administrators and disable the default administrator account. This
provides tighter security access control, and allows you to see named user accounts, as opposed to a single shared
user account, in audit logs, which are automatically maintained by Journey Manager.
Next
Harden Administrator Access - 58 -
Disable the Administrator's Account | System Administrator |
Journey Manager allows you to significantly improve its security by disabling the administrator's user account.
To disable the administrator account:
1. Create a new user account.
2. Select the Transact Manager portal from the Spaces dropdown list.
3. Click Save to update the changes.
4. Assign the Administrator role to the new user to be able to access Manager.
Disable the Administrator's Account - 59 -
5. Select the Enable Global Access checkbox for the new user to be able to manage all Journey Manager organ-
izations.
6. Click Save to update the changes.
7. Log out and then log back in using your new user account.
8. Locate the default administrator account.
9. Change the Account Status to Inactive, so this account can't be used to log onto Manager.
Disable the Administrator's Account - 60 -
10. Click Save to update the changes.
It's recommended that all Manager's users are set up with their own user accounts and that roles, organizations
and form spaces are assigned according to the users' needs.
Next
Disable the Administrator's Account - 61 -
Configure Module Context Paths | System Administrator |
You should set the context path of all Journey Manager's modules , so they are accessible.
To configure the modules:
1. Select System > Modules Config to view all modules.
2. Click Edit to update a module's content path.
3. Click Save to update the changes.
4. View all form spaces.
5. Modify the context paths of the public facing form space modules, so they are accessible.
Next
Configure Module Context Paths - 62 -
Configure Environment Properties | System Administrator |
A Journey Manager module allows you to display an environment type message on the banner of every page. This can be
an important reminder message for staff working across multiple environments, such as PROD, UAT, TEST or DEV. By
setting the environment message you can prevent staff from making the wrong configuration changes to the wrong envir-
onment. This is particularly important for your production environment, so configure CSS styles to highlight PROD servers.
To set the Admin Environment Name:
1. Select System > Modules Config.
2. Open the Transact Manager module.
3. Click the Properties Edit tab.
4. Edit the message in the Admin Environment Name field, for example Test Environment.
5. Edit the color styles appropriate for that environment in the Admin Environment CSS Style field, for example, as
shown below:
#environmentCssStyle { position: absolute; top: 10px; text-align: center; width: 100%; } #environmentCssStyle span { color: red; background-color: #fcfcfc; font-weight: bold; font-size: 12pt;
Configure Environment Properties - 63 -
padding: 3px 12px; border: 2px solid red; }
This provide the Environment banner message style below:
6. Click Save to update the changes.
You can turn off some of the CSRF security hardening settings in non-production environments to make it easier
to work with multiple browser tabs open at the same time.
Next
Configure Environment Properties - 64 -
Configure Email Settings | System Administrator |
Journey Manager requires an email server to be configured to send emails. At a minimum, you need to specify a SMTP
host and a default email sender address. Depending on your email server, you may also need to provide a port, a user
name and password.
Click Send Test to confirm that your email server connection settings are correct.
Next
Configure Email Settings - 65 -
Data Retention Management | System Administrator |
Journey Manager comes with the data retention management to control the growth of database tables that include system
transactions, analytics and logs. This ensures optimal performance of Journey Manager over time.
When Manager starts for the first time, it will use pre-configured data retention policies, so it is important to review them
and ensure they meet your business objectives. Check with the business owners to ensure the system data retention man-
agement policies have been agreed upon and then ensure they are configured in Manager.
To check the data retention policies, select System > Data Retention Management.
Next
Data Retention Management - 66 -
Chromium Puppeteer Receipt Service | System Administrator |
Journey Manager provides the PDF receipt generation service based on PhantomJS. You can also choose to use a receipt
generation service based on Chromium Puppeteer. However, this requires the Chromium module and a number of depend-
encies to be installed on the Journey Manager server.
This section describes how to configure the Chromium module on CentOS 7 and Windows, and how to create and use the
Chromium Puppeteer receipt render service in Journey Manager. For other operating systems, contact Temenos support
for assistance.
Next
Chromium Puppeteer Receipt Service - 67 -
Install Chromium Puppeteer - CentOS 7 | System Administrator |
Journey Manager comes with the Chromium Puppeteer Receipt Render service, which requires the Chromium module and
its dependencies to be installed on a Linux server.
If you don't intend to use the Chromium Puppeteer Receipt Render service, you don't need to install it. You can
use the preconfigured PhantomJS Receipt Render service.
To install the Chromium module and its dependencies:
1. Download the Node.js package and add it to the yum repository:
curl -sL https://rpm.nodesource.com/setup_10.x | sudo -E bash -
2. Verify the nodesource yum repository file is in /etc/yum.repos.d/nodesource-el7.repo
3. Update the repo:
sudo nano /etc/yum.repos.d/nodesource-el7.repo enabled=0
4. Install the gcc-c++ and run make to build it, if it's not been already installed:
sudo yum install gcc-c++ make
5. Install Node.js
sudo yum install nodejs --enablerepo=nodesource
The successful installation output is shown below:
Install Chromium Puppeteer - CentOS 7 - 68 -
6. Verify the Node.js and npm installations:
node -v npm -v
7. Install the Chrome dependencies:
sudo yum install libXcomposite libXcursor libXdamage libXext libXi libXtst cup-libs libmng libXScrnSaver libXrandr libXv alsa-lib cairo pango atk at-spi2-atk gtk3
8. Install the Chromium module bundled in the installer:
cd /data/avoka/transact/manager/puppeteer sudo npm install
Install Chromium Puppeteer - CentOS 7 - 69 -
9. Configure the Chromium Puppeteer Receipt Render service.
Next
Install Chromium Puppeteer - CentOS 7 - 70 -
Install Chromium Puppeteer - Windows | System Administrator |
Journey Manager comes with the Chromium Puppeteer Receipt Render service, which requires the Chromium module and
its dependencies to be installed on a Linux server.
If you don't intend to use the Chromium Puppeteer Receipt Render service, you don't need to install it. You can
use the preconfigured PhantomJS Receipt Render service.
To install the Chromium module and its dependencies:
1. Download and install the Node.js package, including the node package manager (npm).
2. Install the Chromium module.
3. Open a command prompt as an administrator and navigate to [JM server folder]/puppeteer.
4. Execute the npm install command.
5. Configure the Chromium Puppeteer Receipt Render service.
Next
Install Chromium Puppeteer - Windows - 71 -
Configure Apache Server | System Administrator |
You need to install and configure a public facing Apache server to connect to Journey Manager.
The Apache server sits between Manager and the Network and it is used to:
l Manager offloads the SSL Termination onto Apache. SSL certificates are loaded into Apache.
l Serves cached static content.
l Reverse Proxy restring access to the Application Manager running Manager. Only certain context paths are exposed
to the network. This is configured in the mod-proxy.conf.
We recommend that you use Apache 2.4 with Manager for new installations. If you previously used Apache 2.2 for your
Manager server, you can either keep using it or upgrade it to Apache 2.4.
Apache 2.4 is not distributed with CentOS 6 or RedHat 6, so you need to upgrade your OS to CentOS 7 or
RedHat 7 to obtain an Apache 2.4 distribution. While you can continue using Journey Manager with Apache 2.2,
we recommend upgrading to Apache 2.4.
The installer includes configuration files for both Apache 2.2 and Apache 2.4.
Ensure you keep Apache up to date with the latest security patches.
Microsoft IIS Users
If you are evaluating whether to use Microsoft IIS as the fronting web server, be aware that there is an issue with IIS 7.5,
Firefox 3-4 and Adobe Reader, which will prevent forms from being submitted to IIS. Firefox 3 and 4 add an additional
HTTP Referer header when Adobe Reader submits a form. IIS 7.5 rejects this request with a 400 error. For more inform-
ation, see http://forums.iis.net/t/1162919.aspx.
If you intend to use IIS, you will need to modify the request before it reaches the IIS web server and delete the duplicate
Referer header. You can modify HTTP requests by using a smart switch device, such as an F5 BIG-IP, where you can
execute scripts to modify the requests.
Next
Configure Apache Server - 72 -
Configure Apache Server - Windows | System Administrator |
To install Apache on Windows:
1. Download the latest Apache web server from Apache Lounge web site:
l Apache 2.2 64 bits
l Apache 2.4 64 bits - recommended
2. Extract the avoka-tm-setup\apache-<version>\win64\apache-windows-additional-con-fig.zip file to a temp folder. Change <version> to 2.2 or 2.4.
3. Install an appropriate Visual C++ Redistributable package vcredist_x64.exe for your Apache server version.
4. Unzip the httpd-*-win64.zip file to your C:\ directory. Make a note of a new location, if it's different from the
default one.
5. Backup your current Apache configuration:
l Rename [Apache folder]\conf\httpd.conf to httpd.conf.ori
l Rename [Apache folder]\conf\extra\httpd-ssl.conf to httpd-ssl.conf.ori
6. Copy the new Apache httpd.conf from:
l avoka-tm-setup\apache-<version>\win64\additional-config\httpd.conf to [Apache folder]\conf\
l avoka-tm-setup\apache-<version>\win64\additional-config\httpd-ssl.conf to
[Apache folder]\conf\extra\
Change <version> to 2.2 or 2.4.
7. Copy the Apache mod_proxy.conf from:
l avoka-tm-setup\apache-<version>\win64\mod_proxy.conf to [Apache folder]\conf\
l avoka-tm-setup\apache-<version>\win64\mod_deflate.conf to [Apache folder]\conf\
l avoka-tm-setup\apache-<version>\win64\mod_cache.conf to [Apache folder]\conf\
8. Copy the Apache mod_security.conf from:
l avoka-tm-setup\apache-<version>\modsecurity\config\win64\mod_security.conf to
[Apache folder]\conf\
l avoka-tm-setup\apache-<version>\modsecurity\config\modsecurity.d folder to [Apache folder]\conf\
l avoka-tm-setup\apache-<version>\modsecurity\module\win64\mod_security2.so to
[Apache folder]\modules\
l avoka-tm-setup\apache-<version>\modsecurity\module\win64\*.dll to [Apache folder]\bin\
9. Copy a valid SSL certificate, private key and chain or root CA:
Configure Apache Server - Windows - 73 -
l Copy the SSL public certificate to [Apache folder]\conf\ssl
l Copy the SSL private key to [Apache folder]\conf\ssl
l Copy the SSL chain or root CA to [Apache folder]\conf\ssl
l Copy the SSL chain or root CA to [Apache folder]\conf\ssl
10. Modify the httpd.conf and httpd-ssl.conf:
l Open the [Apache folder]\conf\httpd.conf.
l Find the ServerName and replace it with the server's hostname or Journey Manager URL.
l If the httpd zip file is extracted to other location than C:\, search for C:\ and replace it with the correct location
of [Apache folder].
l Save and exit.
11. Modify the httpd-ssl.conf:
l Open the [Apache folder]\conf\extra\httpd-ssl.conf.
l Find the ServerName and replace it with the server's hostname or Journey Manager URL.
l Update the SSLCertificateFile with your SSL public certificate location.
l Update the SSLCertificateKeyFile with your SSL private key location.
l Update the SSLCACertificateFile with your SSL root CA or chain certificate location.
l Find the RedirectMatch and replace the URL with the Journey Manager URL.
l Find the RewriteEngine and un-comment this line. |
l Find the RewriteCond %{HTTP_HOST} !^yoururl.com$, un-comment it and replace yoururl.com
with server's hostname or the Journey Manager URL. |
l Find the RewriteCond %{HTTP_HOST} !^HostIpAddress$, un-comment it and replace HostIpAd-dress with the server's IP address. This is to allow you to use it with a load balancer. |
l Find the RewriteRule .* - [R=400] and un-comment it. |
l If the httpd zip file is extracted to other location than C:\, search for C:\ and replace it with the correct location
of [Apache folder].
l Save and exit.
12. Create folders for mod_cache and mod_security:
l Create the [Apache folder]\httpd_cache folder .
l Create the [Apache folder]\logs\mod_security folder .
13. Modify the mod_cache.conf:
l Open the [Apache folder]\conf\mod_cache.conf.
l Find the CacheRoot and set it to [Apache folder]\httpd_cache.
l Save and exit.
14. Confirm that TCP port 80 and 443 are opened in Windows firewall.
15. Install Apache as a Windows service:
Configure Apache Server - Windows - 74 -
l Run CMD as an administrator.
l Go to [Apache folder]\bin.
l Type httpd -k install to install a Windows service called Apache22.
16. Start Apache service.
17. Check the log files for error:
l Error log: [Apache folder]\logs\error.log or [Apache folder]\logs\ssl_error.log
l Access log: [Apache folder]\logs\access.log or [Apache folder]\logs\ssl_access.-log
l SSL request log: [Apache folder]\logs\ssl_request.log
18. Go to https://localhost/manager or https://<Journey Manager URL>/manager to verity the
installation.
Next
Configure Apache Server - Windows - 75 -
Configure Apache Server - Linux | System Administrator |
You have to install and configure a public facing Apache server to connect to Journey Manager.
The Apache Software Foundation has EOL support for Apache 2.2 and will no longer provide security patches for
this version, so you are strongly recommended to upgrade to Apache 2.4 to allow you to obtain the latest security
patches.
Apache 2.4 is not distributed with CentOS 6 or RedHat 6, so you need to upgrade your OS to CentOS 7 or
RedHat 7 to obtain an Apache 2.4 distribution. While you can continue using Journey Manager with Apache 2.2,
we recommend upgrading to Apache 2.4.
To install Apache on Linux:
1. Install the httpd and mod_ssl packages from repository:
sudo yum install httpd mod_ssl
2. Backup your current httpd.conf and ssl.conf files:
sudo cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.backup sudo cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.backup
3. Copy the new Apache configuration:
sudo cp avoka-tm-setup/apache-<version>/linux/additional-config/httpd.conf /etc/httpd/conf/ sudo cp avoka-tm-setup/apache-<version>/linux/additional-config/ssl.conf /etc/httpd/conf.d/
Change <version> to 2.2 or 2.4.
4. Copy new Apache configuration:
sudo cp avoka-tm-setup/apache-<version>/linux/mod_proxy.conf /etc/ht-tpd/conf.d/ sudo cp avoka-tm-setup/apache-<version>/linux/mod_deflate.conf
Configure Apache Server - Linux - 76 -
/etc/httpd/conf.d/ sudo cp avoka-tm-setup/apache-<version>/linux/mod_cache.conf /etc/ht-tpd/conf.d/
5. Copy the Apache mod_security configuration:
sudo cp avoka-tm-setup/apache-<version>/modsecurity/config/linux/mod_secur-ity.conf /etc/httpd/conf.d/ sudo cp avoka-tm-setup/apache-<version>/modsecurity/config/modsecurity.d /etc/httpd/conf.d/ sudo cp avoka-tm-setup/apache-<version>/modsecurity/module/linux/mod_secur-ity2.so /etc/httpd/modules/
6. Copy a valid SSL certificate, private key and chain or root CA:
sudo cp /location/of/SSL/public/certificate.crt /etc/pki/tls/certs/ sudo cp /location/of/SSL/chain/root/ca.crt /etc/pki/tls/certs/ sudo cp /location/of/SSL/private/key.key /etc/pki/tls/private/ sudo chown root:root /etc/pki/tls/certs/certificate.crt /etc/p-ki/tls/certs/ca.crt /etc/pki/tls/private/key.key sudo chmod 600 /etc/pki/tls/certs/certificate.crt /etc/pki/tls/certs/ca.crt /etc/pki/tls/private/key.key sudo chcon -u system_u -t cert_t /etc/pki/tls/certs/certificate.crt /etc/p-ki/tls/certs/ca.crt /etc/pki/tls/private/key.key
7. Modify /etc/httpd/conf/httpd.conf:
l Open the /etc/httpd/conf/httpd.conf.
l Find the ServerName and replace it with the server's hostname or Journey Manager URL.
l Save and exit.
8. Modify /etc/httpd/conf.d/ssl.conf:
Configure Apache Server - Linux - 77 -
l Open the /etc/httpd/conf.d/ssl.conf.
l Find the ServerName and replace it with the server's hostname or Journey Manager URL.
l Update the SSLCertificateFile with your SSL public certificate location.
l Update the SSLCertificateKeyFile with your SSL private key location.
l Update the SSLCACertificateFile with your SSL root CA or chain certificate location.
l Find the RedirectMatch and replace the URL with the Journey Manager URL.
l Find the RewriteEngine and un-comment this line. |
l Find the RewriteCond %{HTTP_HOST} !^yoururl.com$, un-comment it and replace yoururl.com
with server's hostname or the Journey Manager URL. |
l Find the RewriteCond %{HTTP_HOST} !^HostIpAddress$, un-comment it and replace HostIpAd-dress with the server's IP address. This is to allow you to use it with a load balancer. |
l Find the RewriteRule .* - [R=400] and un-comment it. |
l Save and exit.
9. Create the folder for mod_cache:
sudo mkdir /var/httpd_cache sudo chown apache:apache -R /var/httpd_cache
10. Add port 9009 to http_port_t, if SELinux is enabled:
sudo yum install policycoreutils-python sudo semanage port -a -t http_port_t -p tcp 9009
11. Configure SELinux file types:
sudo chcon -u system_u -t httpd_config_t /etc/httpd/conf/* -R sudo chcon -u system_u -t httpd_config_t /etc/httpd/conf.d/* -R sudo chcon -u system_u -t httpd_modules_t /etc/httpd/modules/mod_secur-ity2.so
12. Confirm that TCP port 80 and 443 are opened in IPTables.
13. Enable httpd service:
sudo chkconfig --add httpd sudo chckonfig httpd on
14. Restart Apache httpd process:
Configure Apache Server - Linux - 78 -
sudo service httpd restart
15. Check the log files for error:
l Error log: /var/log/httpd/error_log or /var/log/httpd/ssl_error_log
l Access log: /var/log/httpd/access_log or /var/log/httpd/ssl_access_log
l SSL request log: /var/log/httpd/ssl_request_log
Next
Configure Apache Server - Linux - 79 -
Add Form Spaces | System Administrator |
If you need to expose additional Journey Manager's form spaces, for example a workspace, you have to add it to the
Apache server configuration.
To edit the Apache configuration:
1. Open the Apache mod_proxy.conf file.
2. Add the new context path, for example, it exposes a new Staff Work Space with the context path /staff.
# Staff Work Space ProxyPassMatch /staff ajp://localhost:9009/staff ProxyPassReverse /staff ajp://localhost:9009/staff
3. Restart the Apache service.
This context path must be included in the Journey ManagerWork Space WAR files configuration.
Next
Add Form Spaces - 80 -
Configure Virus Scanner | System Administrator |
Journey Manager supports integration with online virus scan services to enable detection and elimination of virus uploaded
file attachments. Manager provides the following integrations with:
l ClamAV open source virus scanner for Linux
l Symantec Scan Engine commercial virus scanner for Microsoft Windows and Linux
Next
Configure Virus Scanner - 81 -
Configure ClamAV | System Administrator |
Journey Manager allows you to scan all forms' attachments for viruses using ClamAV virus scanner software.
To configure ClamAV:
1. Install ClamAV on your server.
It's recommended to install it on the same server as Journey Manager, because the ClamAV STREAM pro-
tocol opens TCP listener sockets over a range of ports, which makes it more difficult to configure firewall
rules on remote servers.
2. Open the clamd.conf file to increase the default ClamAV maximum file size from 25MB to 50MB, as shown
below:
# Close the connection when the data size limit is exceeded. # The value should match your MTA's limit for a maximum attachment size. # Default: 25M StreamMaxLength 50M
3. Configure the ClamAV service, which will be called to scan attachments for viruses.
4. Click Make Default to make ClamAV Virus Scan the default virus scan service.
5. Configure the ClamAV service to automatically update the virus definitions.
Next
Configure ClamAV - 82 -
Configure Symantec Scan Engine | System Administrator |
Journey Manager allows you to scan all forms' attachments for viruses using Symantec Scan Engine virus scanner soft-
ware.
To configure Symantec Virus Scanning:
1. Install Symantec Scan Engine on your server.
2. Configure Symantec Virus Scanning, which will be called to scan attachments for viruses.
3. Click Make Default to make Symantec Virus Scanning the default virus scan service.
Next
Configure Symantec Scan Engine - 83 -
Upgrade Journey Manager | System Administrator |
The Journey Manager installer allows you to upgrade your current Journey Manager with a newer version of software by
using one of the two options: upgrade or reinstall.
To upgrade Journey Manager:
1. Check upgrade version notes to understand what additional configuration changes you must perform prior to the
upgrade.
2. Select the Upgrade a Journey Manager 4.3+ server option to upgrade the existing server using the Setup Wiz-
ard.
This option is only supported for Journey Manager version 4.3 and higher.
It's recommended to use the upgrade option, because the installer automatically backups your existing server
and provides an installation-details.txt file with the details of what files are changed during the
upgrade.
To reinstall Journey Manager:
1. Check upgrade version notes to understand what additional configuration changes you must perform prior to the
upgrade.
2. Uninstall the existing Journey Manager.
3. Select the Install a new Journey Manager server option to install a new version of Journey Manager using the
Upgrade Journey Manager - 84 -
Setup Wizard.
This option works for all Journey Manager versions.
The installer automatically upgrades the database when Journey Manager is restarted, regardless of the upgrade option
you have selected.
Next
Upgrade Journey Manager - 85 -
Data Retention Policy Mode | System Administrator |
The Data Retention Policy Mode screen allows you to specify data retention policy mode, strict or relaxed, during the
upgrade.
To choose data retention policy mode:
l Select Strict for installations and upgrades of newer Journey Manager versions, as it helps you ensure system per-
formance meets the SLAs and system upgrades outage windows are minimize.
l Select Relaxed for upgrades of older Journey Manager versions, as it supports older work flow configurations.
Next
Data Retention Policy Mode - 86 -
Back up the Journey Manager Database | System Administrator |
Before you start installing the new version, shut down the Manager service and back up the Journey Manager database.
Always back up the Journey Manager database before performing an upgrade.
Next
Back up the Journey Manager Database - 87 -
Upgrade Journey Manager Server | System Administrator |
To upgrade Journey Manager in-place:
1. Stop the Journey Manager service and check it has stopped.
2. Run all required manual DB statements, as described in the upgrade notes.
3. Run the Journey Manager installer to perform the upgrade using the Upgrade a Journey Manager 4.3+ server
option on the Setup Wizard screen.
Ensure the same database version and database connection details are used.
If you have custom server shared modules JAR files deployed, perform the upgrade as normal.
4. Review your customized modules.xml file to ensure your custom JAR files are still referenced. If the mod-ule.xml has been updated, edit it to add references to your custom JAR files.
5. Review the /avoka/transact/installation-details.txt installation log file, containing the details on
all files that have been added, updated or deleted.
Next
Upgrade Journey Manager Server - 88 -
Reinstall Journey Manager | System Administrator |
To upgrade Journey Manager by reinstalling it:
1. Stop the Manager service and check that it has stopped.
2. Uninstall the Journey Manager service:
l Windows Run the [JM server folder]/bin/service-uninstall.bat batch file with administrator
privileges.
l Linux (CentOS or RedHat Enterprise Linux) The service is removed automatically, so you don't need to uninstall
it.
3. Rename the existing Journey Manager service installation directory. so the new installation can use this path. This
will also provide you with a backup of the existing installation.
4. Install a new Journey Manager version using the Setup Wizard. For more information, see run the installer.
Check the same database version and database connection details are used and the Create the database
tables checkbox is not selected.
Reinstall Journey Manager - 89 -
5. Restore any Custom Portal WAR files from your previous installation to the server deployments [JM server folder]/standalone/deployments folder. If your Portal or Module WAR file contains Java code, you must
rebuild it so that it references the correct services. Otherwise, you may receive runtime errors
Next
Reinstall Journey Manager - 90 -
Update a Service - Linux | System Administrator |
Follow the steps described in create a service to ensure the Linux service uses the latest service script and all files have
the correct access permissions set.
Next
Update a Service - Linux - 91 -
Update the Journey Manager Database | System Administrator |
To update the database:
1. Backup the current Journey Manager database.
2. Apply database updates, contained in the new version of Journey Manager, to the existing database.
3. Start Journey Manager using a service. There is a separate module that runs before the Journey Manager server
starts, which updates the database and initializing the core system configuration.
4. Monitor the [JM server folder]/standalone/log/db-update.log file to check the status of the data-
base update.
l The successful database update contains the following output:
INFO [com.avoka.fc.core.service.DatabaseVersionService] ... Updating database... INFO [com.avoka.fc.core.service.DatabaseVersionService] ... Results will be written to C:\Avoka\transact\manager\server\standalone\log\db-update\db-version-updates-2013-03-25-1436.txt ... INFO [com.avoka.fc.admin.service.DatabaseVersionService] ... Update completed successfully at 30 Apr 2013 10:32:23 INFO [com.avoka.fc.admin.service.DatabaseVersionService] ... 1 change(s) were applied to the database. Database schema update complete. ... Configuration initialization complete.
l The failed database update contains the following output:
[ERROR] [com.a-voka.fc.core.service.initialization.DatabaseVersionService] Please resolve database update error Database update failed
In this case, Journey Manager won't start, so you need to resolve the error first, as explained below.
To resolve the database error:
1. Obtain a copy of the db-update.log file.
2. Obtain the detailed log file located in [JM server folder]/standalone/log/db-update
3. Get the database backup file.
Update the Journey Manager Database - 92 -
4. Contact your Temenos support team and provide them with the above data so they can investigate the root case of
the error.
5. Perform a rollback to the old database version.
The Journey Manager server won't start if the database updater module exited due to an error.
6. Start Journey Manager.
Next
Update the Journey Manager Database - 93 -
Update Apache Configuration | System Administrator |
Journey Manager version 4.3 and higher comes with updated Apache mod_proxy.conf and mod_security.conf
files. If you are upgrading your Journey Manager prior to version 4.3, you must deploy these files manually on your Apache
server. However, Journey Manager creates the current set of Apache configuration files, so you need to follow the steps
below
To Update Apache configuration:
1. Back up the existing files:
Windows
[Apache folder]\conf\mod_proxy.conf [Apache folder]\conf\mod_security.conf
Linux
/etc/httpd/conf.d/mod_proxy.conf /etc/httpd/conf.d/mod_security.conf
2. Copy the configuration files from:
[JM artifacts folder]/apache/[Operating System]/mod_proxy.conf [JM artifacts folder]/apache/modsecurity/config/[Operating System]/mod_security.conf
to
Windows
[Apache folder]\conf\
Linux
/etc/httpd/conf.d\
Update Apache Configuration - 94 -
3. Add any customized mod_proxy mappings to your new mod_proxy.conf file using the revised proxy pattern:
# JM Example Maguire Portal ProxyPass /maguire ajp://localhost:9009/maguire ProxyPassReverse /maguire ajp://localhost:9009/maguire
4. Copy the Mod Security rule files from:
[JM artifacts folder]/apache/modsecurity/config/modsecurity.d/activated_rules/
to
Windows
[Apache folder]\conf\
Linux
/etc/httpd/conf.d/
5. Restart Apache.
6. Ensure Apache starts successfully. If errors occur during the installation, you can roll back the Apache change by
deploying the previous configuration files you backed up and restarting Apache again.
Next
Update Apache Configuration - 95 -
Verify the Server Upgrade | System Administrator |
Now, that the database is up to date, the Journey Manager server should start up. Monitor the [JM server folder-]/standalone/log/server.log log file for any errors or abnormalities. If any unusual errors occur, contact our sup-
port team and provide them with the log files. Should functionality be impacted, you may need to roll back to the old
version of Journey Manager.
If you use Adobe LiveCycle, log on to Journey Manager, select System > Server Nodes and click Synchronize Repos-
itories to synchronize it with Adobe LiveCycle. Check the synchronization completes successfully. |
Finally, test core functionality, such as form submission and rendering, to ensure that the system runs as expected. Keep
on monitoring the error and event logs in Journey Manager.
Check the upgrade notes for version specific instructions on configuration changes.
Next
Verify the Server Upgrade - 96 -
Clean up the JDK Folder | System Administrator |
The Journey Manager server comes with the Java Development Kit (JDK), which is required to run it. We regularly update
the JDK and include it in the Journey Manager installer, so it is deployed on your server during an upgrade. However, the
installer doesn't automatically remove the old JDK, so you may want to do it manually to free up some space on your
server.
To delete obsolete JDK folders:
1. Verify the Journey Manager installation is successful.
2. Navigate to the JDK folders at [JM install folder], for example, C:\avoka\transact.
3. Delete the old JDK folder. If multiple JDK folders exist, you can delete the ones with lower version numbers.
This is not a requirement to remove the obsolete JDK folders. This is merely to reclaim your disk space.
Next
Clean up the JDK Folder - 97 -
Installation Rollback | System Administrator |
You must roll back your new installation to the old version of Journey Manager, if it fails due to some errors that you can't
fix in-flight.
To rollback the installation of your Journey Manager:
1. Stop Journey Manager, if it is running.
2. Uninstall the service:
Windows Execute the [JM server folder]/bin/service-uninstall.bat file as an administrator.
Linux Replace the service script when reinstalling the old version.
3. Delete the Journey Manager folder, for example, the default C:\Avoka\transact\manager on Windows.
4. Perform the following extra steps depending whether
You upgraded your Journey Manager using the installer's option Upgrade a Journey Manager 4.3+ server:
l Copy log files, so you can find the problem that caused the installation failed.
l Delete the content of the Journey Manager server directory:
Windows
C:\avoka\transact\manager
Linux
/opt/avoka/transact/manager
l Copy the content of the backup directory, which you've specified during installation, to the Journey Manager
server directory.
l Reinstall the service:
Windows Execute the [JM server folder]\server\bin\service.bat -install as an admin-
istrator.
Linux Redeploy the old txmanager file.
Or you did the clean Journey Manager installation to a different folder using the installer's option Install a new
Journey Manager server:
Installation Rollback - 98 -
l Run the installer for the old version of Journey Manager and make sure the installer doesn't create the database
tables.
5. Restore the Journey Manager database from the backup.
6. Start Journey Manager.
Next
Installation Rollback - 99 -
Upgrade Checklist | System Administrator |
To upgrade an existing Journey Manager server:
l Obtain Journey Manager License Keys for each Journey Manager environment to be upgraded.
l Ensure you have the Journey Manager installer for the old version, as well as any custom WAR files.
l Ensure you have the same resources for the new Journey Manager version, as well as the upgrade notes.
l Check the upgrade notes for any version specific configuration changes to be performed prior to the upgrade.
l Take a backup of the Journey Manager database.
l Remove the Journey Manager service on Windows or back up the txmanager file on RedHat and Solaris, if you are
doing a clean install rather than an upgrade of the current server directory.
l Perform a turnkey installation or an in-place upgrade using the new version of the Journey Manager installer and the
existing database.
l Upgrade the Journey Manager LiveCycle application and form server WAR, if applicable.
l Ensure the current service script is deployed and the correct file permissions have been applied on Linux.
l Start Journey Manager and monitor the log files.
l Verify the installation is successful.
l Check the upgrade notes for any version specific configuration changes to be performed after the upgrade.
Follow the more detailed instructions in the previous sections for each step. If an error occurs during the upgrade, refer to
installation rollback.
Next
Upgrade Checklist - 100 -
Upgrade Previous Versions | System Administrator |
This section details the notes for upgrading configurations from previous versions of Journey Manager. You are required to
review and apply any relevant instructions for your Journey Manager version to complete the Journey Manager upgrade.
With every major version upgrade, you should upgrade form spaces' content to pickup any new software features, cap-
abilities and security enhancements.
The minimum version of Journey Manager that you can upgrade from is version 4.3. For older Journey Manager versions,
you must reinstall your Journey Manager in order to upgrade it, refer to reinstall.
Next
Upgrade Previous Versions - 101 -
Version 5.0 Upgrade | System Administrator |
When upgrading a Journey Manager server to version 5.0 or later, review the upgrade notes below.
Next
Version 5.0 Upgrade - 102 -
Form Work Space Changes | System Administrator |
The following Form Web Portal content changes have been made in Journey Manager version 5.0 since version 4.3:
Page or Resource Path Content Changes
click/not-found.htm (Page) fixed redirect bug.
login.htm (Page) improved accessibility with error state role=alert attributes.
WEB-INF/jboss-deployment-structure.xml
updated library module includes.
For Manager deployments with form spaces containing custom Java classes in the WAR file, they need to be recompiled
to ensure any Journey Manager Java API changes are updated in custom Java code. Contact our support to obtain a
portal's Java source code compatible with Manager version 5.0, so you can merge it with your custom Java project. We
recommend that customers migrate away from customized Java portals to enable an easier upgrade process.
Minor Manager v4.3.x upgrades with custom Java classes also need to be recompiled to ensure any API changes are
accounted form.
Manager Portal Java source code will only be provide to existing customers with custom Java projects, and will not be
made available for new Java custom portals.
Next
Form Work Space Changes - 103 -
Updated Default Configurations | System Administrator |
The following default configuration changes have been made with Journey Manager version 5.0. New systems include
these new defaults, while upgrades systems will maintain their existing configurations.
Configuration Description
New
Value
Previous
Value
Data Retention - Trans-action History
Maximum period of time Transaction History records are kept for.
2 years
5 years
Form Submission Access Controller - CSP
Service parameter 'Form CSP Header Value' which enabled form CSP policies.
- -
Next
Updated Default Configurations - 104 -
Version 5.1 Upgrade | System Administrator |
When upgrading a Manager server to version 5.1, review the previous upgrade notes and review the upgrade notes below.
After starting the Manager server, check the Manager server nodes configuration, which is particularly important for deploy-
ments with Adobe LiveCycle integration.
Next
Version 5.1 Upgrade - 105 -
Form Work Space Changes | System Administrator |
The following Form Web Portal content changes have been made in Journey Manager version 5.1 compared to version
5.0:
Page or Resource Path Content Changes
confirmation.htm (Page) formatting change.
receipt-challenge.htm (Page) new page that is used to control access to user receipts under some circumstances.
redirect.jsp security hardening.
secure/account/submission.htm added category filter where applicable.
WEB-INF/click.xml improved XSS protection.
WEB- INF/jboss- deployment-structure.xml
updated library module includes.
Important Notes
When upgrading to Manager version 5.1, all WAR files need to be rebuilt. The Manager installer will take care of the stand-
ard Manager modules, such as Transact Manager and Business Reports, and form spaces, such as Web Plug-in, Work
Space, and Maguire, as part of the upgrade.
However, if you have custom work space WAR files, you need to rebuild them by running the installer and choosing the
option Create a Transact Work Space. For more information, see form spaces.
Additionally, if you have a T.Field form space deployed, you will need to deploy the updated WAR file manually. It is loc-
ated at [Manager setup directory]/war/avoka-sf-field-worker.war and needs to be deployed to
[Manager server directory]/standalone/deployments.
If you don't ensure that all custom WAR files are rebuilt, your spaces may not work after the upgrade. Contact our support
with any concerns you have before upgrading your Manager server.
Next
Form Work Space Changes - 106 -
Version 17.10 Upgrade | System Administrator |
When upgrading an existing Manager server to version 17.10, review the previous upgrade notes and review the upgrade
notes below.
Next
Version 17.10 Upgrade - 107 -
Apache 2.4 Support | System Administrator |
Up until now the Journey Manager installer included configuration files for Apache 2.2. This Apache version has reached
its End of Life (EOL) and is no longer being supported by the Apache Foundation.
Important Note: we strongly recommend you upgrade any existing Apache 2.2 servers to Apache 2.4 to obtain the the
latest security patches.
Journey Manager version 17.10.0 has introduced support for Apache 2.4, including mod_security 2.9.2, but we will con-
tinue to support Apache 2.2 while customers migrate to the new version of Apache.
On Linux, due to library compatibility issues, the following configurations are supported:
l CentOS 7 or RedHat 7 with Apache 2.4
l CentOS 6 or RedHat 6 with Apache 2.2
If you have an existing Manager server on CentOS 6 or RedHat 6 and want to move to Apache 2.4, you will need to:
1. Create a new CentOS 7 or RedHat 7 instance
2. Install a Manager server
3. Install and configure an Apache 2.4 server
4. Configure Manager to use your existing database
Next
Apache 2.4 Support - 108 -
New DB Unique Indexes | System Administrator |
Journey Manager version 17.10.0 introduces new database indexes around submission data that will help maintain data
integrity.
To ensure your Journey Manager servers are free of issues and will be able to apply the indexes successfully, we recom-
mend that you run the following database statements as part of the upgrade, after shutting down the Manager service and
backing up the database:
1. Find duplicate rows:
SELECT submission_oid FROM submission_extract_json GROUP BY submission_oid HAVING COUNT(*) > 1;
SELECT submission_oid FROM submission_data GROUP BY submission_oid HAVING COUNT(*) > 1;
If neither query returns any rows, your database is fine and you can continue with the Manager upgrade. Other-
wise, continue with the steps below.
2. Delete duplicates:
For submission_data:
DELETE FROM submission_data WHERE submission_data_oid IN ( SELECT min(sdA.submission_data_oid) FROM ( SELECT * FROM submission_data) as sdA WHERE sdA.submission_oid in ( SELECT submission_oid FROM (SELECT * FROM submission_data) as sdB GROUP BY submission_oid HAVING COUNT(*) > 1) GROUP BY sdA.submission_oid);
For extract_json:
DELETE FROM txmanager.submission_extract_json WHERE sub_extract_json_oid IN ( SELECT min(jsA.sub_extract_json_oid) FROM ( SELECT * FROM submission_extract_json) as jsA WHERE jsA.submission_oid in ( SELECT submission_oid FROM (SELECT * FROM submission_extract_json)
New DB Unique Indexes - 109 -
as jsB GROUP BY submission_oid HAVING COUNT(*) > 1) GROUP BY jsA.submission_oid);
Ensure all changes are committed.
3. Step 3: Repeat as necessary. After step 2, go back to step 1 and rerun the SELECT queries, then continue on to
step 2 if there are still results. This is necessary because the queries in step 2 delete only a single duplicate at a
time.
Next
New DB Unique Indexes - 110 -
Dynamic PDF Receipt 2 Service | System Administrator |
Journey Manager version 17.10.0 introduces an improved Dynamic PDF receipt render service using PhantomJS. The new
service allows for easier and more extensive customization and better error handling, and is available on both existing and
new Manager installations.
The service is named Dynamic PDF Receipt 2 and is the default receipt render service for new installations.
On existing installations, the default receipt render service will not change during the upgrade. You can test the new ser-
vice by either assigning it to specific form versions first:
Once you are satisfied with the new receipt rendering service, you can make it the system default service:
Dynamic PDF Receipt 2 Service - 111 -
Next
Dynamic PDF Receipt 2 Service - 112 -
Form Work Space Changes | System Administrator |
The following Form Web Portal content changes have been made in Manager version 17.10.0 compared to version 5.1:
Page or Resource Path Content Changes
create-account.htm (Page) removed support for eSignatures
error.htm (Page) by default, display less information for security reasons
click/error.htm (Page) by default, display less information for security reasons
META- INF/cxf/org.apache.cxf.Logger (Resource)
added as part of web service fix
resources/includes/account/tile- job.html (Resource)
added job group name display
secure/submission-e-signature.htm (Page) removed as part of eSignature removal
secure/account/account-detail.htm (Page) removed support for eSignatures
secure/account/jobs.htm (Page) added job group search field
secure/account/submission.htm (Page) added support for form category search field
WEB- INF/jboss- deployment- structure.xml (Resource)
updated library module includes, fixed web service dependencies
WEB-INF/spring.xml (Resource) removed references to spring- custom.xml and User-AccountValidator
WEB-INF/spring-custom.xml (Resource) removed
WEB-INF/web.xml (Resource) added support for JSApp forms
Important Notes
When upgrading to Journey Manager version 17.10, all WAR files need to be rebuilt. The Journey Manager installer will
take care of the standard modules, such as Transact Manager and Business Reports, and form spaces, such as Web Plug-
in, Work Space, and Maguire, as part of the upgrade.
However, if you have custom work space WAR files, you need to rebuild them by running the installer and choosing the
option Create a Transact Work Space. For more information, see form spaces.
Form Work Space Changes - 113 -
Additionally, if you have a T.Field form space deployed, you will need to deploy the updated WAR file manually. It is loc-
ated at [Manager setup directory]/war/avoka-sf-field-worker.war and needs to be deployed to [Manager server directory]/standalone/deployments.
If you do not ensure that all custom WAR files are rebuilt, your spaces may not work after the upgrade. Contact our support
with any concerns you have before upgrading your Manager server.
Next
Form Work Space Changes - 114 -
Version 18.05 Upgrade | System Administrator |
When upgrading an existing Manager server to version 18.05, review the previous upgrade notes and review the upgrade
notes below.
There are no Work Space content changes in the 18.05 release which need to be merged with previous Form Work Space
portals.
Next
Version 18.05 Upgrade - 115 -
Submission Data DB Indexes | System Administrator |
Manager version 18.5.0 introduces new database indexes around submission data that will help maintain data integrity.
To ensure your Manager servers are free of issues and will be able to apply the indexes successfully, we recommend that
you run the following database statements as part of the upgrade, after shutting down the Manager service and backing up
the database:
1. Find duplicate rows:
SELECT submission_oid FROM submission_extract_json GROUP BY submission_oid HAVING COUNT(*) > 1; SELECT submission_oid FROM submission_data GROUP BY submission_oid HAVING COUNT(*) > 1;
If neither query returns any rows, your database is fine and you can continue with the upgrade. Otherwise, con-
tinue with the steps below.
2. Delete duplicates
For submission_data:
DELETE FROM submission_data WHERE submission_data_oid IN ( SELECT min(sdA.submission_data_oid) FROM (SELECT * FROM submission_data) as sdA WHERE sdA.submission_oid in (SELECT submission_oid FROM (SELECT * FROM sub-mission_data) as sdB GROUP BY submission_oid HAVING COUNT(*) > 1) GROUP BY sdA.submission_oid)
For extract_json:
DELETE FROM txmanager.submission_extract_json WHERE sub_extract_json_oid IN ( SELECT min(jsA.sub_extract_json_oid) FROM (SELECT * FROM submission_extract_json) as jsA WHERE jsA.submission_oid in (SELECT submission_oid FROM (SELECT * FROM sub-mission_extract_json) as jsB GROUP BY submission_oid HAVING COUNT(*) > 1) GROUP BY jsA.submission_oid)
Ensure all changes are committed.
Submission Data DB Indexes - 116 -
3. Repeat as necessary. After step 2, go back to step 1 and rerun the SELECT queries, then continue on to step 2 if
there are still results. This is necessary because the queries in step 2 delete only a single duplicate for any given sub-
mission at a time.
Next
Submission Data DB Indexes - 117 -
Form Work Space Changes | System Administrator |
While some HTML template changes were made to version 18.05 compared to version 17.10, these changes are not
required and are commented out. You also don't need to merge any HTML template changes from 18.05 into your existing
Portal content.
The following Form Web Portal content changes have been made in Manager version 18.05 compared to version 17.10:
Page or Resource Path Content Changes
resources\includes\account\tile-help-desk.html
Added section for displaying the Lazy Load message instead of the current No Records message. This requires the new "Search Data Load" property change to "Lazy Data Load".
secure\account\help-desk.htm Section added for startDateField or endDateField. Will need to uncomment 2 line starting ##<script
Important Notes
When upgrading to Manager version 18.05, all WAR files need to be rebuilt. The Manager installer will take care of the
standard Manager modules, such as Transact Manager and Business Reports, and form spaces, such as Web Plug-in and
Work Space, as part of the upgrade.
However, if you have custom work space WAR files, you need to rebuild them by running the installer and choosing the
option Create a Transact Work Space. For more information, see form spaces.
Additionally, if you have a T.Field form space deployed, you will need to deploy the updated WAR file manually. It is loc-
ated at [Manager setup directory]/war/tm-field-worker.war and needs to be deployed to [Manager server directory]/standalone/deployments.
If you do not ensure that all custom WAR files are rebuilt, your spaces may not work after the upgrade. Contact our support
with any concerns you have before upgrading your Manager server.
Next
Form Work Space Changes - 118 -
Version 18.11 Upgrade | System Administrator |
When upgrading an existing Manager server to version 18.11, review the previous upgrade notes and review the upgrade
notes below.
Next
Version 18.11 Upgrade - 119 -
Removal of Maguire Example | System Administrator |
Journey Manager version 18.11 no longer includes the example content provided in previous versions, such as the
Maguire organization and associated forms and the Maguire form space. While this content will not be removed from
existing servers during the upgrade, it will no longer be provided as part of the installer. However, the Workspace portal is
still included in Journey Manager version 18.11.
No manual steps are needed. However, if you don't want to keep this content on your server, you can remove the Maguire
organization, remove the Maguire form space and delete the associated tm-maguire.war file.
Next
Removal of Maguire Example - 120 -
Form Work Space Changes | System Administrator |
There have been no work space content changes in 18.11.0 compared to 18.5.
Important Note:
When upgrading to Manager 18.11, all WAR files containing Java code need to be rebuilt. The Manager installer will take
care of the standard Manager modules (Transact Manager, Business Reports) and Form Space (Web Plug-in, Work
Space) as part of the upgrade.
However, if you have custom work space WAR files, you need to rebuild them by running the installer and choosing the
option "Create a Transact Work Space". For more information, see form spaces.
If you do not ensure that all custom WAR files are rebuilt, your spaces may not work after the upgrade. Contact our support
with any concerns you have before upgrading your Manager server.
Next
Form Work Space Changes - 121 -
Version 19.5 Upgrade | System Administrator |
When upgrading an existing Manager server to version 19.5, review the previous upgrade notes and review the upgrade
notes below.
There are no Work Space content changes in the 19.5 release that need to be merged with previous Form Work Space
portals.
Next
Version 19.5 Upgrade - 122 -
Removal of BIRT Report Module | System Administrator |
Journey Manager version 19.05 no longer includes the BIRT report module, which was shipped with previous versions. All
other reporting functionality provided in Manager still exists.
No manual steps are needed, because the module will be removed by the installer as part of the upgrade process.
Next
Removal of BIRT Report Module - 123 -
Installation Checklist | System Administrator |
This chapter provides an installation check list to help ensure you complete all the necessary steps to install Journey Man-
ager.
Next
Installation Checklist - 124 -
Installation Prerequisites | System Administrator |
To perform a successful Journey Manager installation, you must have:
l License keys for each Manager environment you will create or upgrade.
l The Manager installer, which you can download from our community website.
l Database server: MySQL, Oracle or SQL Server.
l Apache web server 2.4 or later (optional).
l Email server (optional).
l LDAP directory server (optional).
l Virus scanner server (optional).
Next
Installation Prerequisites - 125 -
Database Checklist | System Administrator |
Journey Manager requires a working database, so you must:
l Create a txmanager database and schema.
l Create a txmanager database user with sufficient permissions to execute DDL and SQL statements against the
txmanager schema.
l Create the txmanager tables either using the installer or manually running the installer created script.
l Check there is a connectivity from the Journey Manager server to the database server using TCP with the configured
JDBC port.
l Configure the initialization parameter max_allowed_packet=50M for MySQL database.
Next
Database Checklist - 126 -
Journey Manager Checklist | System Administrator |
After you've installed the Journey Manager, you must:
l Harden administrator account access.
l Configure the deployed modules and portal context paths.
l Configure the admin environment properties.
l Configure the server node definitions.
l Configure the email settings.
l Review and configure data retention policies.
l Install additional Microsoft fonts on Linux servers.
l Install libicu library on Linux servers.
l Ensure the server can synchronize its clock with an NTP server. This can be an issue when Manager is deployed
behind a proxy server.
Next
Journey Manager Checklist - 127 -
Apache Checklist | System Administrator |
l Upgraded to Apache 2.4
l If the Apache server is performing SSL termination ensure, ServerName is configured in httpd.conf so that the
Transact Integration Gateway (TIG) can call JM Web Services over HTTPS. Security changes in Java 1.8 require
the server name to be present during SSL connection handshake.
l Ensure only the strongest SSL cipher (128 bits and above) is supported on the SSL Termination device (SSL Off-
loader and/or Apache), and no weak SSL cipher is allowed.
l Ensure Apache Mod Proxy modules are enabled and configured, and make sure the proxypass and proxy-
passreverse settings are configured for the deployed Journey Manager modules and portals
l Ensure Apache Mod Cache module is enabled and configured, and make sure the caching directory has been cre-
ated and configured
l Ensure Apache Mod Deflate modules are enabled and configured
l Ensure SSL is enabled for production use and system testing. SSL termination can be provided with a smart switch
with SSL offloading in front of the Apache server (recommended), or by Apache using the mod_ssl module.
l Ensure CA issued SSL certificates are installed for production and system testing.
It is highly recommended that you don't use self-signed SSL certificates for testing purposes as Adobe Reader
behaves differently with self-signed certificates, and this often introduces numerous complications during sys-
tem acceptance testing.
l If PDF forms are using any Web Services from servers which are not on the same domain as the JM server, then a
crossdomain.xml file will need to be deployed on the servers hosting the Web Services.
Next
Apache Checklist - 128 -
ClamAV Checklist | System Administrator |
Ensure the ClamAV configuration has maximum file size set to 50MB (StreamMaxLength 50M) and the service has been
restarted to apply this change.
Next
ClamAV Checklist - 129 -
Security Checklist | System Administrator |
l Ensure Journey Manager is installed with the Security Configuration option as Use secure cookies (HTTPS).
l Ensure external applications are only able to access Manager using SSL (port 443).
l Ensure only the strongest SSL cipher (128 bits and above) is supported on the SSL Termination device, such as
SSL Offloader or Apache, and no weak SSL cipher is allowed.
l Ensure the firewall rules for the Manager server only allow connections via the Apache Web Server.
l Ensure the firewall rules for the Adobe LiveCycle server only allow connections from the Manager server over the
configured port, unless there are particular reasons to make these servers externally available. |
l Ensure the firewall rules for the database server only allow connections from the Manager server over the configured
JDBC port.
l Ensure the Manager administrator user account is disabled. We recommend that all administration access is per-
formed through named administrative user accounts. This is to enable administrator access auditing.
l Recommend configuring 2 Factor Authentication for Production environments.
l Ensure the Manager server's administrator password is hardened.
l Ensure the Apache Web server administrator password is hardened.
Security Checklist - 130 -