Deploying FX Professional

Requirements

FX Professional has the following requirements.

Java web application stack:

  • Apache Tomcat 9.0

  • Database server and Caplin’s Webcentric database schema:

    • For production deployments, Caplin provides schemas for a variety of database servers. Contact your Caplin account manager for details.

    • For development deployments, Caplin provide an example H2 database. The example H2 database is packaged in the webcentric-db-version.zip file released alongside FX Professional on the Caplin downloads page.

  • Localised terms and conditions text files for optional features such as Trade Confirmations and Money Markets.

Caplin Platform stack:

To discuss the deployment architecture best suited to your use case, please contact your Caplin account manager.

Install Tomcat

Download the latest version of Apache Tomcat 9 and extract the files to your desired directory.

For more information on installing Tomcat 9, see Tomcat Setup on the Tomcat website, and RUNNING.txt distributed with Tomcat.

Deploy the FX Professional WAR file

Follow the steps below:

  1. Shut down Tomcat.

  2. Delete all files and subdirectories in your <tomcat_root>/webapps directory.

    apache-tomcat-versionwebapps
  3. Download the WAR file for your variant of FX Professional (varianttrader-version.war) from the Caplin Downloads website.

  4. Copy the WAR file to your Tomcat webapps directory: <tomcat_root>/webapps.

    apache-tomcat-versionwebapps varianttrader-3.31.0-1234.war
  5. Remove the version information from the file name of the WAR file. For example, varianttrader-3.31.0-12345.war becomes varianttrader.war:

    apache-tomcat-versionwebapps varianttrader.war
  6. Create a web application context file <tomcat_root>/conf/Catalina/localhost/varianttrader.xml with the following content:

    <?xml version='1.0' encoding='utf-8'?>
    
    <Context>
    
      <!-- Default set of monitored resources -->
      <WatchedResource>WEB-INF/web.xml</WatchedResource>
    
      <!-- Map URI '/resources' to directory '../conf/resources' -->
      <Resources>
        <PostResources className="org.apache.catalina.webresources.DirResourceSet"
        base="../conf/resources" webAppMount="/resources" />
      </Resources>
    
      <!-- Core JNDI configuration -->
      <Environment name="LIBERATOR.DOMAIN" value="example.com" (1)
        type="java.lang.String" override="false" />
      <Environment name="LIBERATOR.PRIMARY.ADDRESS" value="lib1.example.com" (2)
        type="java.lang.String" override="false" />
      <Environment name="LIBERATOR.PRIMARY.PORT" value="80"
        type="java.lang.String" override="false" />
      <Environment name="LIBERATOR.PRIMARY.HTTPS.PORT" value="443"
        type="java.lang.String" override="false" />
      <Environment name="LIBERATOR.SECONDARY.ADDRESS" value="lib2.example.com" (3)
        type="java.lang.String" override="false" />
      <Environment name="LIBERATOR.SECONDARY.PORT" value="80"
        type="java.lang.String" override="false" />
      <Environment name="LIBERATOR.SECONDARY.HTTPS.PORT" value="443"
        type="java.lang.String" override="false" />
      <Environment name="CAPLIN.DEV.MODE" value="false" (4)
        type="java.lang.String" override="false" />
      <Environment name="CAPLIN.LOGIN.ENABLED" value="true" (5)
        type="java.lang.String" override="false" />
    
    </Context>
    1 Set LIBERATOR.DOMAIN to your domain
    2 Set LIBERATOR.PRIMARY.ADDRESS to the hostname of your primary Liberator
    3 Set LIBERATOR.SECONDARY.ADDRESS to the hostname of your secondary Liberator
    4 Set CAPLIN.DEV.MODE to false in production deployments
    5 Set CAPLIN.LOGIN.ENABLED to true to use FX Professional’s built-in login page

    For more information on FX Professional’s JNDI environment entries, see FX Professional JNDI configuration.

  7. Review FX Professional’s default HTTP headers configured in the WAR file’s web.xml file. For recommended headers, see Recommended HTTP headers. For instructions on how to override the default HTTP headers, see Setting HTTP headers.

    To view the default HTTP headers set in the web.xml file, use the following command:

    $ unzip -p varianttrader-version.war WEB-INF/web.xml | less
  8. Create a new folder <tomcat_root>/conf/resources/.

  9. If you have licensed FX Professional’s Trade Confirmations feature, then add your TermsAndConditions.locale.txt files to the <tomcat_root>/conf/resources/ folder.

    apache-tomcat-versionconfresources TermsAndConditions<locale>.txt
  10. If you have licensed FX Professional’s Money Markets feature, then add your MMTermsAndConfitions.locale.txt files to the <tomcat_root>/conf/resources/ folder.

    apache-tomcat-versionconfresources MMTermsAndConditions<locale>.txt

Deploy the Webcentric database

The Webcentric database is used by the Webcentric servlet to persist users' customisations to FX Professional’s layout.

Production deployments

For production deployments, Caplin provide schemas for a variety of database servers. Please speak to your Caplin account manager.

Follow the steps below:

  1. Deploy the Webcentric schema to your production database server.

  2. Add a <Resource…​/> tag for your Webcentric database to the <tomcat_root>/conf/Catalina/localhost/varianttrader.xml file.

    Example: a MySQL database called 'webcentric' on host db.example.com
    <Resource name="jdbc/mysqldb"
        auth="Container"
        type="java.sql.DataSource"
        username="webcentric_servlet"
        password="JP9DGnKUgn58FXhX"
        driverClassName="com.mysql.jdbc.Driver"
        url="jdbc:mysql://db.example.com:3306/webcentric"/>

    The values for tag attributes username, password, driverClassName, and url are under your control. Change them to values appropriate to your Webcentric database deployment.

  3. Schedule regular backups of the Webcentric database.

Development deployments

For development deployments, Caplin provide an example H2 database, packaged as webcentric-db-version.zip.

Follow the steps below:

  1. Extract webcentric-db-version.zip to your Tomcat root directory.

    apache-tomcat-versionwebcentric-db varianttrader varianttrader.h2.db
  2. Add a <Resource…​/> tag for the H2 database to the <tomcat_root>/conf/Catalina/localhost/varianttrader.xml file:

    <Resource name="jdbc/webcentricdb"
        auth="Container"
        type="javax.sql.DataSource"
        username="sa"
        password=""
        driverClassName="org.h2.Driver"
        url="jdbc:h2:../webcentric-db/varianttrader/varianttrader;IFEXISTS=TRUE;AUTO_SERVER=TRUE"/>

Configure the Keymaster servlet

Follow the steps below to configure the Keymaster servlet:

  1. Generate a new key pair for the web application’s Keymaster servlet:

    #!/bin/bash
    
    # PKCS1 private key. Compatible with KeyMaster.NET.
    openssl genrsa -out privatekey_pkcs1.pem 2048
    
    # Convert PKCS1 private key to PKCS8. Compatible with KeyMaster Java.
    openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in privatekey_pkcs1.pem -out privatekey.pem
    
    # Export public key. Compatible with Caplin Liberator.
    openssl rsa -pubout -outform DER -in privatekey_pkcs1.pem -out keymaster_public.der
  2. Copy the file privatekey.pem to <tomcat_root>/conf/keymaster/.

  3. Set the location of the private key in the <tomcat_root>/conf/Catalina/localhost/varianttrader.xml file:

    <!-- KeyMaster servlet configuration -->
    <Environment name="caplin.keymaster.privatekey.filename"
        value="../../conf/keymaster/privatekey.pem"
        type="java.lang.String" override="false" />
  4. Copy the file keymaster_public.der to the Deployment Framework directory global-config/ssl on all Liberator hosts.

Configure the SignOn servlet

If your deployment uses FX Professional’s built-in sign in page (see CAPLIN.LOGIN.ENABLED in FX Professional’s JNDI configuration), follow the steps below:

  1. Generate a new key pair for the SignOn servlet.

    #!/bin/bash
    
    # PKCS1 private key.
    openssl genrsa -out privatekey_pkcs1.pem 2048
    
    # Convert PKCS1 private key to PKCS8.
    openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in privatekey_pkcs1.pem -out privateSignonKey.pem
    
    # Export public key.
    openssl rsa -pubout -outform PEM -in privateSignonKey.pem -pubout -out publicSignonKey.pem
  2. Copy both privateSignonKey.pem and publicSignonKey.pem to <tomcat_root>/conf/signon/.

  3. Set the location of the new keys in the <tomcat_root>/conf/Catalina/localhost/varianttrader.xml file:

    <Environment
        name="caplin.signon.privatekey.filename"
        value="../../conf/signon/privateSignonKey.pem"
        type="java.lang.String"
        override="false"/>
    <Environment
        name="caplin.signon.publickey.filename"
        value="../../conf/signon/publicSignonKey.pem"
        type="java.lang.String"
        override="false"/>

Start Tomcat

If you start Tomcat manually, run the command below from Tomcat’s bin directory:

$ ./startup.sh

If you start Tomcat as a service, follow instructions in RUNNING.txt.

You can now access FX Professional on http://tomcat_host:tomcat_port/varianttrader.