Plan for collaboration
Plan for Domino and Extended Products
This document discusses planning for the integration of WebSphere Portal collaborative portlets with Lotus Domino 6.5.1 and...
- IBM Lotus Domino Enterprise Server
- IBM Lotus Instant Messaging and Web Conferencing
- IBM Lotus Team Workplace
Note that the Domino document referenced in the above link contains a chapter specific to integrating with WebSphere Portal v5.0.2. This chapter is entitled, Domino 6.5.1 and Extended Products with WebSphere Portal. Some information in that chapter is helpful for integrating Domino and the Extended products with WebSphere Portal V5.1, while other information is not applicable for V5.1. If applicable, specific references to that chapter are provided in this Information Center to help you set up your environment. Any other areas in that chapter that are not specfically referenced by this Information Center should not be used.
Introduction
Collaborative features provided by the portal include the Collaboration Center portlets, and Collaborative Services. To use these collaborative features in the portal, set up one or more of the supported versions of the following Lotus companion products:
Collaboration Center is not included with all editions of WebSphere Portal.
Collaborative Services are Java APIs that provide the building blocks for integrating the functionality of Lotus Domino, Lotus Lotus Instant Messaging and Web Conferencing, Lotus Lotus Team Workplace, and Lotus Discovery Server into portals and portlets. Using Lotus Collaborative Components, application developers can design and implement user interface extensions in portals and portlets that extend the functionality of Lotus software collaboration products.
Integrating WebSphere Portal with Domino and the Extended Products
The following sections provides information to help you understand how WebSphere Portal integrates with Domino and the Extended Products.
How WebSphere Portal uses Domino
From the portal perspective, there are two types of Domino servers:
- User repository (LDAP server)
- Data source for portlets.
You can set up WebSphere Portal to use the Domino server as the user repository for users who access both the portal and any portlets that access Domino and the Extended Products.
If portal uses a Domino server as the user repository, then that server must be LDAP-enabled. Domino LDAP is required to look up various user values and attributes, such as mailfile, mailserver, and so on. Some of the collaborative portlets use these values to locate the appropriate Domino data source server to use.
Any Domino data source servers must have HTTP, LDAP, and Domino IIOP enabled.
Examples of data source servers include Domino server as a Notes mail server, or a Domino server that is running Lotus Lotus Instant Messaging and Web Conferencing.
- Domino HTTP is used to access Domino data via Domino XML.
- Domino IIOP is used to prepopulate some of the lists shown in the edit mode of the collaborative portlets.
Is is possible to mix ldaps. For example, have Domino LDAP provide collaborative portlet authentication, and a different flavor of LDAP provide one flavor of LDAP server for portal authentication, and use Domino LDAP for collaborative portlet authentication.
Plan your user directory
If you will be using portlets for Domino and Lotus Instant Messaging and Web Conferencing only, the Lotus Instant Messaging and Web Conferencing user directory can be the native Domino directory or Domino LDAP.
If you will be using portlets for Domino, Lotus Instant Messaging and Web Conferencing, and Lotus Team Workplace, the Lotus Instant Messaging and Web Conferencing user directory has to be an LDAP directory and Lotus Team Workplace must share that directory. This is a requirement to get awareness and online meetings working within Lotus Team Workplace.
Performance considerations
You should consider the performance and availability of Domino servers when configuring portal in a Domino environment. For example, to use a Domino LDAP server as the user repository for the portal, install portal on a separate machine from the Domino LDAP server. A Domino LDAP server for the portal should reside on a machine that is dedicated to serving the portal environment.
Considerations for existing Domino environments
If you have an existing Domino server installed, verify you have the supported version installed before you attempt to use it with WebSphere Portal. If you do not have the supported version, upgrade to the supported version and perform the required configuration before you can use the Domino server with WebSphere Portal.
Enable single signon between the Domino environment and WAS
Single signon between the Domino environment and the portal environment enables you to log in to the portal, and then use collaborative portlets without having to authenticate a second time. Although enabling single signon is not required to use the collaborative portlets, consider enabling it to improve the user experience.
To enable single signon, a Web SSO configuration document must exist for each Domino domain that includes Domino servers that portal uses. The Web SSO configuration document is a domain-wide configuration document stored in the Domino Directory. This document, which should be replicated to all servers participating in the single signon domain, is encrypted for participating servers and administrators, and contains a shared secret key used by servers for authenticating user credentials.
In addition to the Web SSO configuration document for Domino servers, create, save, and export an LTPA key from WebSphere Application Server, and then import that WebSphere LTPA key into the Domino domain or domains. For each Domino domain that is set up for use with the portal, the same WebSphere LTPA key must be imported to support single signon. By doing this, servers that participate in the Domino domain will use the WebSphere LTPA key for authentication.
A best practice is to install and configure all servers prior to enabling single signon. For example, install and configure Lotus Team Workplace and Lotus Instant Messaging and Web Conferencing before you enable single signon.
If you complete the required single signon configuration between the Domino environment and portal environment, there is no procedure to disallow automatic login for a specific user. For example, if user A logs in to the portal, user A will always be logged in to the Domino environment if single signon is enabled between the two environments.
Lotus Team Workplace settings to support WebSphere Portal
To enable the drop-down server list or picker feature in the Lotus Team Workplace portlets edit mode that enables browsing of Lotus Team Workplaces on a given server, enable the following settings on the Lotus Team Workplace server:
- Make sure the DIIOP task is selected and running for the Lotus Team Workplace server.
- In the Server Document on the Internet Protocols tab, check Yes in Allow HTTP clients to browse databases.
The preceding settings are required to enable the picker feature in the Lotus Team Workplace portlets. If these capabilities are not enabled, you can still use the Lotus Team Workplace portlets to access Lotus Team Workplaces by manually entering server and place names. Additionally, you can still use the Lotus Team Workplace collaborative components to create Lotus Team Workplaces.
Lotus Instant Messaging and Web Conferencing settings to support WebSphere Portal
To enable portlets that reside on the portal machine to access Lotus Instant Messaging and Web Conferencing functions, add the ips to the Community Trusted IPS field located in the Community Connectivity document in the stconfig.nsf database. Adding this setting will restrict access to Lotus Instant Messaging and Web Conferencing services to only the listed IP addresses. IP addresses not listed in this field will not be able to connect to the Web Conferencing Server and will generate the following error in the sametime.log file Rejecting server component <ip address> not in trusted server ips list.
For test or non-production environments, you can modify the sametime ini file to allow all servers to access the Web Conferencing Server. To do this, add the following variable to the [DEBUG] section of the sametime.ini file, which is located in the Domino directory: VPS_BYPASS_TRUSTED_IPS=1.
Run configuration tasks to enable WebSphere Portal to use Domino, Lotus Instant Messaging and Web Conferencing, or Lotus Team Workplace
WebSphere Portal provides configuration tasks that you run at a command line to configure portal to use Domino, Lotus Instant Messaging and Web Conferencing, and Lotus Team Workplace. You can run the configuration tasks individually, for example to configure WebSphere Portal for use with Domino only, or you can run a configuration task to configure WebSphere Portal to use them all.
Edit CSEnvironment.properties to change additional settings
Configuration settings for using collaboration with WebSphere Portal have been consolidated into a single file: CSEnvironment.properties. The tasks that you run to configure WebSphere Portal to use the Domino and Extended Products perform most of the configuration for you. If you want to perform additional configuration, edit the CSEnvironment.properties file.
Next step
You have completed this step. Continue to the next step by choosing the following step:
See also
Home | Support | Terms of use | Feedback
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.