Symas How-To Guide

Step 3: Apache Fortress Setup for HA

Step 3: Configuring Apache Fortress-OpenLDAP for High Availability

Prereqs tailored for REDHAT

  • Java v8 installed
  • Apache Fortress-OpenLDAP Virtual IP Setup complete
  • Steps under OpenLDAP HA Installation complete


Apache Fortress software will be installed to:

  • /opt/fortress: The root folder for the Apache Fortress runtime.
  • /opt/fortress/lib: Apache Fortress Realm proxy component.
  • /opt/fortress/webapps: Apache Fortress Rest component.
  • /opt/fortress/logs/catalina.out: The process logfile.
  • /etc/systemd/system/fortress.service: The service configuration is placed here.

Fortress Server Setup

To be performed on each machine.

1. Prep Env

a. Download Tomcat 9 to local machine

b. Create Installation folder, extract tar, goto folder:

$ mkdir /opt/fortress
$ tar -zxvf apache-tomcat-[VERSION].tar.gz -C /opt/fortress --strip-components=1
$ cd /opt/fortress

Where [VERSION] matches downloaded latest Apache Fortress Tomcat.  As of today, 9.0.13.

2. Install Fortress

a. Deploy Apache Fortress Realm Proxy:

$ wget http://repo.maven.apache.org/maven2/org/apache/directory/fortress/fortress-realm-proxy/[VERSION]/fortress-realm-proxy-[VERSION].jar -P /opt/fortress/lib

Where [VERSION] matches latest Apache Fortress Realm. As of today, 2.0.3.

b. Deploy Apache Fortress Rest:

$ wget https://repository.apache.org/content/repositories/releases/org/apache/directory/fortress/fortress-rest/[VERSION]/fortress-rest-[VERSION].war -P /opt/fortress/lib

Where [VERSION] matches latest Apache Fortress Rest. As of today, 2.0.3.

3. Configure Fortress-as-a-Service

a. Create a group and user for Apache Fortress process to run under:

$ groupadd fortress
$ useradd -s /bin/nologin -g fortress -d /opt/fortress fortress

b. Edit systemd file

$ vi /etc/systemd/system/fortress.service

c. Add the following. Change JAVA_OPTS for hostname, admin user/pw for your env.

Description=Apache Fortress is powered by Apache Tomcat
After=syslog.target network.target


Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
ExecStop=/bin/kill -15 $MAINPID


  • Here, we'll point each instance of Apache Fortress to slapd running localhost.
  • Defaults given for JAVA_HOME, service accounts, password, host, port, etc, change to match your env.

d. Enable the service to startup automatically.

$ chown fortress.fortress -R /opt/fortress
$ systemctl start fortress.service
$ systemctl enable fortress.service

e. Verify it's running and no errors in the logs.

$ ps -ef | grep tomcat
$ tail -f -n10000 /opt/fortress/logs/catalina.out

4. Testing

Prequisites for these tests

  • Curl installed onto local machine

Use Apache Fortress Quickstart to test services

1. Download and extract.

$ wget https://github.com/shawnmckinney/apache-fortress-quickstart/archive/master.zip

2. Open a system prompt and navigate to folder in quickstart package containing test files.

$ cd apache-fortress-quickstart-master/src/test/resources

3. Run through the samples:  SECTION 5. Test Apache Fortress Rest with Curl.

a. Run the sample curl commands. Password for tests, corresponding with adminuser: $3cret
b. Point the commands to IP address of the VIP, setup earlier.

4. Verify replication

Use a preferred LDAP client to verify that data is being replicated between the masters as you run the tests.