Enable the AJAX proxy to forward user credentials 

Edit the proxy configuration template file to instruct the IBM Connections server to accept LTPA tokens. This task is necessary if you want to configure single sign-on between IBM Connections and the servers defined in the proxy configuration file.


Procedure

  1. Open a command line window, start the wsadmin tool, and then do one of the following things:

    • If you want all of the applications to pass LTPA tokens, access the common AJAX proxy configuration template file.

      1. From the dmgr host, go to...:

          app_server_root>\profiles\<dm_profile_root>\bin

          where <app_server_root> is the WAS installation directory and <dm_profile_root> is the dmgr profile directory, typically dmgr01. For example, on Windows:

          C:\Program Files\IBM\WebSphere\AppServer\profiles\Dmgr01\bin

          Attention: You must run the following command to start the wsadmin client from this specific directory because the Jython files for the product are stored here. If you try to start the client from a different directory, then the execfile() command that you subsequently call to initialize the administration environment for an IBM Connections component does not work correctly.

      2. Enter the following command to start the wsadmin client:

        • AIX or Linux:

            ./wsadmin.sh -lang jython -user <admin_user_id> -password <admin_password> -port <SOAP_CONNECTOR_ADDRESS Port>

        • Microsoft Windows:

            wsadmin -lang jython -user <admin_user_id> -password <admin_password> -port <SOAP_CONNECTOR_ADDRESS Port>

          where:

          • <admin_user_id> is the user name of a person in the Administrator role on the IBM WAS.

          • <admin_password> is the password of the WAS administrator.

          • <SOAP_CONNECTOR_ADDRESS Port> is the SOAP port for the WAS. The default value of the SOAP port is 8879. If you are using the default port value, you do not need to specify this parameter. If you are not using the default and you do not know the port number, you can look up its value in the WAS Integrated Solution Console. To look up the SOAP port number, perform the following steps:

            1. Open the WAS Integrated Solution Console for the deployment manager, and then select System Administration -> dmgr.

            2. In the Additional properties section expand Ports, and then look for the SOAP_CONNECTOR_ADDRESS port entry to find the port number.

          For example:

          • AIX or Linux:

              ./wsadmin.sh -lang jython -username primaryAdmin -password p@assword -port 8879

          • Microsoft Windows:

              wsadmin -lang jython -username primaryAdmin -password p@assword -port 8879

    • If you want only a single application to be able to pass LTPA tokens, access the custom proxy configuration template file that you created for that application. See Configure the AJAX proxy for information about how to create this file. To access the custom configuration template file, use the following command:

        execfile("<$WAS_HOME>/profiles/<DMGR>/bin/
         <application_name>Config.py")

    • where <application_name> is the name of the application for which you created a custom proxy configuration template file. For example:

        If you are prompted to specify which server to connect to, type 1. This information is not used by the wsadmin client when you are making configuration changes.

  2. Check out the proxy configuration template file using one of the following commands:

    • If you want all of the applications to be able to pass LTPA tokens, use the following command to check out proxy-config.tpl.

        LCConfigService.checkOutProxyConfig("<temp_directory>","<cell_name>")

    • If you want only a single application to be able to pass LTPA tokens, use the following command:

        <application_name>ConfigService.checkOutProxyConfig(
        "<temp_directory>","<cell_name>")

    • where <application_name> is the name of the application for which you created a custom proxy configuration template file. For example:

      • Activities:

          ActivitiesConfigService.checkOutProxyConfig("<temp_directory>",
           "<cell_name>")

      • Communities:

          CommunitiesConfigService.checkOutProxyConfig("<temp_directory>",
           "<cell_name>")

      • Home page:

          HomepageCellConfig.checkOutProxyConfig("<temp_directory>",
           "<cell_name>")

      • Profiles:

          ProfilesConfigService.checkOutProxyConfig("<temp_directory>",
           "<cell_name>")

  3. From the temporary directory to which you checked out the files, open the proxy configuration template file in a text editor.

  4. Include the following declarations in the proxy:policy block of the service to allow cookies for LTPA tokens to be passed to the applications:

      <proxy:cookies>
          <proxy:cookie>JSESSIONID</proxy:cookie>
          <proxy:cookie>LtpaToken</proxy:cookie>
          <proxy:cookie>LtpaToken2</proxy:cookie>
      </proxy:cookies>

  5. Save and close the file.

  6. Check in the proxy configuration template file during the same session in which you checked it out. To do so...

    • If you edited proxy-config.tpl, use the following command to check it back in:

        LCConfigService.checkInProxyConfig("<temp_directory>",
         "<cell_name>")

        where <temp_directory> is the temporary directory to which you checked out the configuration files, and <cell_name> is the name of the cell where the application that uses the common proxy-config.tpl file is located.

    • If you made configuration changes for a specific application, check that custom template file back in using one of the following commands:

      • Activities:

          ActivitiesConfigService.checkInProxyConfig("<temp_directory>",
           "<cell_name>")

      • Communities:

          CommunitiesConfigService.checkInProxyConfig("<temp_directory>",
           "<cell_name>")

      • Home page:

          HomepageCellConfig.checkInProxyConfig("<temp_directory>",
           "<cell_name>")

      • Profiles:

          ProfilesConfigService.checkInProxyConfig("<temp_directory>",
           "<cell_name>")

        where <temp_directory> is the temporary directory to which you checked out the configuration files, and <cell_name> is the name of the cell where the application that uses the proxy template file is located.

  7. Restart the application server hosting IBM Connections.


Parent topic

Configure the AJAX proxy


   

 

});