Preamble
We would like to welcome you as a customer of the Tax Data Hub.
In the following we provide instructions for the initial installation of the Tax Data Hub on a Tomcat application server. If your requirements for the installation differ from the assumptions made here, we will be happy to advise you to facilitate the integration of the Tax Data Hub in your company.
Checking the preconditions - infrastructure
Please use the System requirements document to check whether your infrastructure is up to date. If this is not the case, please update the infrastructure before you start with the Tax Data Hub installation.
Installation of database
The steps for setting up are kept general at this point in order to do justice to the different configurations of the database systems.
Create a new database schema on the database server.
Create a database user with permission to "INSERT", "UPDATE", "DELETE", "ALTER", "CREATE" on this database.
In SQL Server, the user needs the database roles db_datareader, db_datawriter and a role for executing stored procedures, e.g.: db_executor:
CREATE ROLE db_executor GO GRANT EXECUTE TO db_executor GO
Make sure that the application server can connect to the database with this user.
Please ensure that a current JDBC driver package, suitable for your DBMS and the Java version used, is in the lib directory of the Tomcat.
The database schema is automatically created and updated when the application is started.
Make sure that the user who imports the DB scripts has all rights on the this database.
Installation of the Web Application Server
As a rule, the module is set up on the same Tomcat on which the module Portal is installed. In this case, a Tomcat already exists. You can skip the steps "Installing the JDK" and " Installation of the Tomcat 9".
In the following, we assume an installation on a Windows operating system. An installation on a Unix-like system differs mainly in the paths.
Installation of the JDK
Install a suitable JDK 17 and create the system variable "JAVA_HOME", which points to the installation directory.
Installation of the "Tomcat 9"
Install Apache Tomcat 9 in a directory of your choice. We recommend installing Tomcat to a drive other than "C:", in the further process the directory "D:\Server\Tomcat" is assumed.
We recommend installing the entries for the start menu to simplify the configuration.
The ports used by the Tomcat can be adapted according to your requirements.
Configuration of the "Tomcat 9"
Memory
After installation, run the application "->Startmenu->Tomcat->"configure tomcat" and perform the following steps:
Tab "General": Set the start of the service to automatic.
Tab "Java": Enter "512" in the field "Initial Memory Pool".
Tab "Java": In the field "Maximum Memory Pool" enter approximately half of the available physical memory. For example, 2048 for 4096 MB RAM. For 32-bit systems, please bear in mind the limitation of the working memory to approx. 3.5 GB. The memory settings made here affect the performance and runability of the application. They may need to be adjusted over time as usage increases.
HTTPS
Make the necessary connector settings in the „D:\Server\Tomcat\lib\server.xml" configuration file to ensure communication via https. A reference to a valid key store for identifying the module Tax Transfer Hub to other applications must be maintained.
Connection to the database
Database driver
Copy the database driver that matches your database server into the "\lib" directory in the Tomcat installation directory.
Microsoft SQL Server - https://docs.microsoft.com/en-us/sql/connect/jdbc/microsoft-jdbc-driver-for-sql-server
Configuration
Configure the database connection as a JNDI connection in Tomcat:
Open the "context.xml" file in the "\conf" directory of the Tomcat.
Add a new "Resource" XML tag with appropriate attributes for your DBMS and name "jdbc/taxdatahubdatasource".
Example "Resource" XML tag for MSSQL<Resource name="jdbc/taxdatahubdatasource" auth="Container" type="javax.sql.DataSource" maxTotal="100" maxIdle="30" maxWaitMillis="10000" username="taxdatahub" password="taxdatahub" driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" url="jdbc:sqlserver://localhost:1433;databaseName=taxdatahub" />
When using a Microsoft SQL Server database driver with version greater than 10.x.x without encryption, the parameter “url” of the tag “resource” must be extended by “;encrypt=false (in this example url="jdbc:sqlserver://localhost:1433;databaseName=taxdatahub;encrypt=false")”
Windows authentication
(Optional for Microsoft SQL Server)
From the JDBC driver package, the appropriate “*.dll”-file must also be copied from the folder “auth” into the directory “System32” of the system.
Example path: .\sqljdbc_8.2.2.0_deu\sqljdbc_8.2\deu\auth\x64\mssql-jdbc_auth-8.2.2.x64.dll
The Windows user must be entered in Tomcat
The user needs permissions on the server of the Tomcat to run the Tomcat service as well as write permissions in the Tomcat folder for logs.
The user needs permissions on the database server.
The user needs the above-mentioned permissions on the database schema.
The connections in the context.xml must correspond to this example:
<Resource name="jdbc/taxdatahubdatasource" type="javax.sql.DataSource" maxTotal="100" maxIdle="30" maxWaitMillis="10000 driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" url="jdbc:sqlserver://[SERVER-NAME];DatabaseName=[DATABASE_NAME];Integratedsecurity=true"/>
Connection to SAP (optional for systems with an RfC connection)
Check with the business department whether RfC interfaces are used in this product in your company. If this is the case, you must carry out the following steps.
Download the appropriate connector for your system from the SAP support site.
Move the file "sapjco3{*}.jar" into the directory "/lib".
Insert the "sapjco.dll" into the directory "/bin".
Connection to the module Portal
The registration of the module on the portal is carried out directly with Tomcat java option parameters. The following parameters are necessary in any case:
-Dtaxdatahub.url.base=<URL of the module Tax Transfer Hub>
-Dtaxdatahub.url.portal=<URL of the module Portal>
Optional to specify a different API address:
-Dtaxdatahub.url.api=<API URL of the module Tax Transfer Hu>
Optionally required for static registration (if the module and the portal are installed on one Tomcat):
-Dtaxdatahub.clientId=<Character String from the portal - ClientId>
-Dtaxdatahub.clientSecret=<Character String from the portal - ClientSecret>
The URLs must always be specified with port, even if it is a standard port (e.g. 80 or 443).
Deployment setup
The following steps set up the Tax Data Hub module on the "Tomcat 9" application server.
Copy and unpack the war file from the delivery package into the "\webapps" directory in the Tomcat installation directory. You can, of course, first edit the package to another location to do the configuration there and copy it to "\webapps" when finished.
If you use JNDI (recommended by AMANA) for the data connection, no further adjustments are necessary.
When specifying the database connection directly, proceed as follows:Edit the file "\WEB_INF\classes\META-INF\persistence.xml".
Delete the line with the XML tag "<non-jta-data-source>" completely.
Comment out the "<properties>" XML block.
Comment in the block for your DBMS and comment out the other blocks.
Adjust the IP/host name of the database server, the database name and user/password according to the parameters selected under the item "Database".
Use of Self-Signed Certificates
If you have integrated a self-signed TLS/SSL certificate in Tomcat, it can happen that HTTP requests from this module to other modules cannot be carried out. In this case, enter the following parameter in the "Java Options" field in Tomcat. This explicitly allows the use of self-signed certificates in the application. This configuration is generally not recommended for productive systems.
-Dtaxdatahub.api.allowSelfSignedCertificat=true
Start
Start the Tomcat application server on which you have installed the service module, either under System Services or with the "Configure Tomcat" application.
Wait until the server has started.
Whether the service module has been configured correctly and is accessible from other modules can be checked via the module view of the portal. To do this, log in to the portal with administration rights and click on Modules in the Administration tab.
The service module appears in the list and is indicated by a green traffic light. If the traffic light is yellow, check the connection properties to see whether the corresponding paths have been maintained correctly and check whether the https connection has been maintained correctly.
Concluding remarks
The software can now be handed over to the departments for use or professional testing.
Finally, a few comments:
We would like to recommend that you make a regular backup of the database, as this contains the data of the application.
The deployment does not have to be backed up constantly. Here it is sufficient to have the status ready when a version is delivered.