Removing Tivoli Access Manager from the WebSphere Portal environment
Follow these steps to remove Tivoli Access Manager from the WebSphere Portal environment. After performing this procedure, the following changes occur:
- WebSphere Application Server handles authentication for WebSphere Portal
- WebSphere Portal handles authorization for its resources
- If you used the credential vault adapter for Tivoli Access Manager, remove the vault adapter and its associated segments. perform these steps in the specified order:
- Use the Credential Vault portlet to remove any segments added since installation. ( Do not remove DefaultAdminSegment.) See the Credential Vault portlet help for information.
- Find the wp_root/shared/app/config/services/VaultService.properties file and make a backup copy.
- Remove the AccessManager vault type types property in the wp_root/shared/app/config/services/VaultService.properties file.
- If you used Tivoli Access Manager for authorization, use the following steps:
- Find the wp_root/shared/app/config/services.properties file and create a backup copy.
- Change the com.ibm.wps.services.ac.ExternalAccessControlService property to com.ibm.wps.ac.impl.ExternalAccessControlDefaultImpl in the wp_root/shared/app/config/services.properties file.
- Find the wp_root/shared/app/config/services/AuthenticationService.properties file and make a backup copy.
- Change the authentication.execute.portal.jaas.login property to false in the wp_root/shared/app/config/services/AuthenticationService.properties file.
- Use either the Resource Permissions portlet or the XML configuration interface to internalize any resources managed by Tivoli Access Manager.
- If you previously disabled the ability to create users through WebSphere Portal, now restore it.
- Re-enable WebSphere Portal auto-registration. Restore the backup copy of the was_root/installedApps/hostname/wps.ear/wps.war/themes/html/theme_name/ToolBarInclude.jsp file that is located in the subdirectory of each theme.
- Re-enable the Manage Users and Groups portlet manipulation of users by restoring the backup copy of the wp_root/installedApps/Principals manager (PA_1_0_3K).ear/PA_1_0_3K.war/WEB-INF/jsp/groupmembers.jsp file.
- If you used Tivoli Access Manager for authentication, use the WebSphere Application Server Administrative Console to disable the WebSEAL TAI:
- In the WebSphere Application Server Administrative Console, click Security Authentication mechanisms LTPA. Click Trust Association under Additional Properties.
- Deselect the Trust Association Enabled check box.
- Click OK; then click Save.
- Restart WebSphere Application Server.
- If you used Tivoli Access Manager for authentication, reverse any changes that you made to the login and logout pages:
- Restore the backup copies of the was_root/installedApps/node_name/wps.ear/wps.war/themes/html/theme_name/ToolBarInclude.jsp files in the appropriate themes subdirectories.
- Restore the backup copy of the was_root/installedApps/node_name/wps.ear/wps.war/WEB-INF/web.xml file.
- Restore the backup copy of the <wp_root>/shared/app/config/services/ConfigService.properties file.
- Restart WebSphere Application Server.
- If necessary, uninstall any Tivoli Access Manager components.
See also
- WebSphere Application Server V5.0 documentation
- Tivoli Access Manager documentation
- Using Tivoli Access Manager with WebSphere Portal
WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.
Tivoli is a trademark of the IBM Corporation in the United States, other countries, or both.