Clean out the default tomcat services from Tomcat's webapps directory:

cd /opt/shrine/tomcat/webapps
rm -rf *


Retrieve the shrine-api.war file from the Harvard Catalyst Sonatype Nexus server at: https://repo.open.catalyst.harvard.edu/nexus/content/groups/public/net/shrine/shrine-api-war/.

wget https://repo.open.catalyst.harvard.edu/nexus/content/groups/public/net/shrine/shrine-api-war/3.3.2/shrine-api-war-3.3.2.war -O shrine-api.war

Before installing check the md5sum of the downloaded components:

md5sum x86_64:
==> shrine-api.war <==


Vulnerability Note: We have discovered that there is a vulnerability with commons-text-1.9.jar located in the directory /opt/shrine/tomcat/webapps/shrine-api/WEB-INF/lib/. The fix for this is to update this file with the latest version from here: https://commons.apache.org/proper/commons-text/download_text.cgi

It's possible that your institutions security scanner may not detect this as a vulnerability.