Portal security with a Member Manager database

+
Search Tips   |   Advanced Search

 

Overview

Follow these steps for a Member Manager database-only configuration in WAS. This procedure enables WAS Global Security and manually deploys portlets. Perform this procedure only if you will use a Member Manager database-only configuration for authentication. Do not use this procedure if you plan to use a...

 

Procedure

  1. Disable WAS Global Security

  2. Make a backup copy of...

    /qibm/userdata/webas5/base/<instance>/portalserver5/config/wpconfig.properties

  3. Edit...

    /qibm/userdata/webas5/base/<instance>/portalserver5/config/wpconfig.properties

    Do not change any settings other than those specified in these steps.

    You can modify wpconfig.properties locally on an iSeries system by using... 

        EDTF '/qibm/userdata/webas5/base/<instance>/portalserver5/config/wpconfig.properties

    Modify parameters...

    Section Property Value
    WAS properties LTPAPassword
    Description: Password to encrypt and decrypt the LTPA keys.
    Recommended: None
    Default: None
    WasUserid
    Description: User ID for WAS security authentication. Must not contain any suffixes in the custom user registry case.
    Recommended: wpsbind
    CUR value: wpsbind
    WasPassword
    Description: Password for WAS security authentication.
    Recommended: None
    Default: None
    LTPATimeout
    Description: Time out for the LTPA bind
    Recommended: 120
    Default: 120
    WebSphere Portal configuration PortalAdminId
    Description: User ID of the Portal administrator. Must not contain any suffixes in the custom user registry case.
    Recommended: uid=<portaladminid> o=default organization
    Default: None
    PortalAdminIdShort
    Description: The short form of the user ID for the Portal administrator, as defined in the PortalAdminId property.
    Recommended: portaladminid
    Default: None
    PortalAdminPwd
    Description: Password for the Portal administrator (PortalAdminId).
    Recommended: None
    Default: None
    PortalAdminGroupId
    Description: The group ID for the group to which the Portal administrator belongs.
    Recommended: cn=<portaladmingroupid>,o=default organization
    Default: None
    PortalAdminGroupIdShort
    Description: The short form of the group ID for the Portal administrator, as defined in the PortalAdminGroupId property.
    Recommended: portaladmingroupid
    Default: None
    Custom User Registry configuration properties CUClassName
    Description: Specifies a dot-separated class name that implements the com.ibm.websphere.security.UserRegistry interface (should be in the class path).
    Recommended: com.ibm.websphere.wmm.registry.WMMCustomRegistry
    Default: com.ibm.websphere.wmm.registry.WMMCustomRegistry
    Database configuration Dbuser
    Description: User ID for the database administrator.
    Value Type: Alphanumeric text string
    Default Value: ReplaceWithYourDbAdminId
    DbPassword
    Description: Password for the database administrator.
    Value Type: Alphanumeric text string
    Default Value: ReplaceWithYourDbAdminPwd
    WmmDbUser
    Description: User ID for the database administrator.
    Value Type: Alphanumeric text string
    Default Value: ReplaceWithYourDbAdminId

    If you are migrating from a previous version of WebSphere Portal, this value must match the database user name for the WebSphere Member Services database from the previous WebSphere Portal version.

    WmmDbPassword
    Description: Password for the database administrator.
    Value Type: Alphanumeric text string
    Default Value: ReplaceWithYourDbAdminPwd

  4. Save the file.

  5. Start the Qshell Interpreter by entering the following on an OS/400 command line: 

       STRQSH

  6. Change to the directory...

    /qibm/userdata/webas5/base/<instance>/portalserver5/config

  7. Enter the following command to run the configuration task: 

       WPSconfig.sh enable-security-cur

    Check the output for any error messages before proceeding with any additional tasks. If the configuration task fails, verify the values in the wpconfig.properties file. Before running the task again, be sure to stop the WebSphere Portal Application Server by entering the following command from the...

    /qibm/proddata/webas5/pme/bin

    ...directory and specify the WAS user ID and password (as defined by the WasUserid and WasPassword properties): 

        stopServer -instance <instance> <app_server> -user was_userid -password was_password

    If you stop the WAS, be sure to restart it before continuing: 

        startServer -instance <instance> <app_server>

 

Verifying configuration

  1. Open a Web browser and enter the portal page URL:

    http://<hostname.yourco.com >:<port_number>/wps/portal

    ...where hostname.yourco.com is the fully qualified host name of the machine where WebSphere Portal is running and port_number is the transport port that is created by WAS.

    This value is also stored in the WpsHostPort property in...

    /qibm/userdata/webas5/base/<instance>/portalserver5/config/wpconfig.properties

    For example,...

    http://www.ibm.com:9081/wps/portal

    If you have customized the portal page URL, for example by modifying the base URI portion of the default URL (wps) or the portal page (portal), be sure to enter the customized URL.

  2. The portal should load in the browser.

    If you get an Internal Server Error, WAS might not have completely started yet. Wait a couple of minutes to ensure that WAS has completely started and try to access the portal page again.

  3. Verify that you are still able to log in as the portal administrator now that security is enabled. Click Log in, then enter the administrative user ID and password. Click Log in again.

 

See also