Configure a database user registry
Overview
Follow these steps to configure a database user registry in WebSphere Application Server (WAS).
This procedure also does the following tasks:
- Enables WAS Global Security
- Reactivates WAS Global Security if you disabled it before installing WebSphere Portal
- Manually deploys portlets if you installed WebSphere Portal without configuring it during installation
Perform this procedure only if you will use a database user registry configuration for authentication. Do not use this procedure if one of the following conditions is true:
- You plan to use a custom user registry that you created
- You plan to use an LDAP user registry with realm support for authentication
For security reasons, do not store passwords in the wpconfig.properties file. It is recommended that you edit the wpconfig.properties file before running a configuration task, inserting the passwords needed for that task. Then, after the task has run, delete all passwords from the wpconfig.properties file.
Alternatively, you can specify the password on the command line using the following syntax:
WPSconfig.sh task_name -Dpassword_property_key=password_value
You cannot use the Cloudscape database for a database user registry configuration or a custom user registry for authentication. Before performing the following procedure, install separate database software and run the appropriate WebSphere Portal configuration task.
- Disable WAS Global Security before running this task.
- Make a backup copy of wp_root/config/wpconfig.properties.
- Edit wp_root/config/wpconfig.properties and enter the values that are appropriate for your environment.
Note the following information:
- Do not change any settings other than those specified in these steps.
- Use / instead of \ for all platforms.
- Some values, shown here in italics, might need to be modified to your specific environment.
Section of properties file: WAS properties
Property: LTPAPassword
Description: The password to encrypt and decrypt the LTPA keys.
Recommended value: No recommended value for this property.
Default value: none

Property: WasUserid
Description: The user ID for WAS security authentication. This must not contain any suffixes in the custom user registry case.
Note: If a value is specified for WasUserid, a value must also be specified for WasPassword. If WasUserid is left blank, WasPassword must also be left blank.
Recommended value: wpsbind
Default Custom User Registry (CUR) value: wpsbind

Property: WasPassword
Description: The password for WAS security authentication.
Note: If a value is specified for WasPassword, a value must also be specified for WasUserid. If WasPassword is left blank, WasUserid must also be left blank.
Recommended value: No recommended value for this property
Default value: <none>

Property: LTPATimeout
Description: Specifies the number of minutes after which an LTPA token will expire.
Recommended value: 120
Default value: 120
Section of properties file: WebSphere Portal configuration
Property: PortalAdminId
Description: The user ID of the WebSphere Portal administrator. This must not contain any suffixes in the custom user registry case.
Recommended value: portaladminid
Default value: <none>

Property: PortalAdminIdShort
Description: The user ID of the WebSphere Portal administrator. This must not contain any suffixes in the custom user registry case.
Recommended value: portaladminid
Default value: <none>

Property: PortalAdminPwd
Description: The password for the WebSphere Portal administrator, as defined in the PortalAdminId property.
Recommended value: No recommended value for this property
Default value: <none>

Property: PortalAdminGroupId
Description: The group ID for the group to which the WebSphere Portal administrator belongs.
Recommended value: cn=<portaladmingroupid>,o=default organization
Default value: <none>

Property: PortalAdminGroupIdShort
Description: The short form of the group ID for the WebSphere Portal administrator, as defined in the PortalAdminGroupId property.
Recommended value: portaladmingroupid
Default value: <none>

Property: WmmDefaultRealm
Description: The default realm of the Member Manager user registry (UR) configuration. Set this property before enabling security with enable-security-wmmur-ldap or enable-security-wmmur-db.
Recommended value: No recommended value for this property
Default value: <none>

Property: WmmSystemId
Description: The fully-qualified distinguished name (DN) of a user in the LDAP. This DN is stored in the credential vault for PUMA's use to access the Member Manager EJB. The Member Manager EJB is secured by WAS Security starting with WebSphere Portal 5.1. An authenticated security context is now established before WebSphere Portal can access Member Manager.
For an LDAP configuration, this value should not contain spaces and must not contain any suffixes in the custom user registry case.
Recommended value: No recommended value for this property
Default value: <none>

Property: WmmSystemIdPassword
Description: Password for the WmmSystemId user.
Recommended value: No recommended value for this property
Default value: <none>
Section of properties file: Database configuration
Property: DbUser
Description: The user ID for the database administrator.
Value type: Alphanumeric text string
Default value: ReplaceWithYourDbAdminId

Property: DbPassword
Description: The password for the database administrator.
Value type: Alphanumeric text string
Default value: ReplaceWithYourDbAdminPwd

Property: WmmDbUser
Description: The user ID for the database administrator.
Value type: Alphanumeric text string
Default value: ReplaceWithYourDbAdminId
Note: If you are migrating from a previous version of WebSphere Portal, this value must match the database user name for the WebSphere Member Services database from the previous WebSphere Portal version.

Property: WmmDbPassword
Description: The password for the database administrator.
Value type: Alphanumeric text string
Default value: ReplaceWithYourDbAdminPwd
- Save the file.
- Open a command prompt and change to the directory wp_root/config.
- Follow these steps if you are running this task on a node that is already federated and have not previously used this step to copy Member Manager files to the deployment manager:
  - Run the following command, which creates the wasextarchive.jar file in wp_root/config/work. This file contains the Member Manager binaries.
    ./WPSconfig.sh archive-was-ext
  - Copy the wasextarchive.jar file from wp_root/config/work to the installation root folder of the WebSphere Portal Network Deployment Manager, for example Dmgr_root.
  - Stop the WebSphere Portal Network Deployment Manager:
    cd Dmgr_root/bin
    ./stopManager.sh
  - Un-archive the wasextarchive.jar file:
    cd Dmgr_root
    ./java/bin/jar -xvf wasextarchive.jar
  - Verify that Dmgr_root/lib/ext contains files that start with the word wmm.
  - Start the WebSphere Portal Network Deployment Manager:
    cd Dmgr_root/bin
    ./startManager.sh
- Enter the appropriate command to run the configuration task:
  If this is a cluster environment, stop all cluster members before enabling security using the enable-security-wmmur-db task.
  ./WPSconfig.sh enable-security-wmmur-db
  Check the output for any error messages before proceeding with any additional tasks. If the configuration task fails, verify the values in the wpconfig.properties file.
- In order to make security active, restart server1 and any other servers where WebSphere Portal is not installed.
  cd was_root/bin
  ./stopServer.sh server1
  ./startServer.sh server1
  ./startServer.sh WebSphere_Portal
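
The password-handling advice and the WasUserid/WasPassword pairing rule from this procedure, as an added shell example (not IBM code and not part of WPSconfig.sh). It audits a wpconfig.properties file before a task and blanks the password properties afterwards; the function names and the sample file contents are constructed for illustration.

```bash
# Added example, not IBM code: credential checks for wpconfig.properties.
PASSWORD_KEYS="LTPAPassword WasPassword PortalAdminPwd WmmSystemIdPassword DbPassword WmmDbPassword"

# prop_value FILE KEY: print the value of KEY (empty when unset or blank).
prop_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 | tr -d '\r'
}
# leftover_passwords FILE: print each password property that still holds a value.
leftover_passwords() {
  for key in $PASSWORD_KEYS; do
    if [ -n "$(prop_value "$1" "$key")" ]; then echo "$key"; fi
  done
}
# pairing_ok FILE: succeed only if WasUserid and WasPassword are both set or both blank.
pairing_ok() {
  user=$(prop_value "$1" WasUserid)
  pass=$(prop_value "$1" WasPassword)
  if [ -n "$user" ]; then [ -n "$pass" ]; else [ -z "$pass" ]; fi
}
# unreplaced_defaults FILE: print properties still set to a ReplaceWithYour... default.
unreplaced_defaults() {
  sed -n 's/^[[:space:]]*\([A-Za-z]*\)[[:space:]]*=[[:space:]]*ReplaceWithYour.*/\1/p' "$1"
}
# scrub_passwords FILE: blank every password property in place once the task has run.
scrub_passwords() {
  tmp=$(mktemp) || return 1
  for key in $PASSWORD_KEYS; do
    sed "s/^\([[:space:]]*$key[[:space:]]*=\).*/\1/" "$1" > "$tmp" && cat "$tmp" > "$1"
  done
  rm -f "$tmp"
}
# make_sample FILE: write a constructed properties file (all values are made up).
make_sample() {
  cat > "$1" <<'EOF'
WasUserid=wpsbind
WasPassword=constructed-secret-1
LTPAPassword=
PortalAdminPwd=constructed-secret-2
DbUser=ReplaceWithYourDbAdminId
DbPassword=ReplaceWithYourDbAdminPwd
EOF
}

sample=$(mktemp); make_sample "$sample"
echo "passwords present: $(leftover_passwords "$sample" | tr '\n' ' ')"
echo "unreplaced defaults: $(unreplaced_defaults "$sample" | tr '\n' ' ')"
scrub_passwords "$sample"
echo "passwords present after scrub: $(leftover_passwords "$sample" | tr '\n' ' ')"
rm -f "$sample"
```

Run the checks before the configuration task and `scrub_passwords` after it; the backup copy of wpconfig.properties made earlier in the procedure needs the same scrub if it was taken after passwords were entered.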
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.