Interoperating with previous product versions

 

Before you begin

IBM WAS interoperates with the previous product versions such as V5.x. Interoperability is achieved only when the Lightweight Third Party Authentication (LTPA) authentication mechanism and Lightweight Directory Access Protocol (LDAP) user registry are used. Credentials derived from Simple WebSphere Authentication Mechanisms (SWAM) are not forwardable.

 

Procedure

  1. Enable security with the LTPA authentication mechanism and the LDAP user registry. Verify the same LDAP user registry is shared by all the product versions.

  2. Extract and add server certificates into the server key ring file of the previous version.

    1. Open the server key ring file using the key management utility (iKeyman) and extract the server certificate to a file.

    2. Open the server key ring of the previous product version, using the key management utility and add the certificate extracted from WAS v6.x.

  3. Extract and add server certificates into the server key ring file of the previous version.

    1. Open the server key ring file using the key management utility (iKeyman) and extract the server certificate to a file.

    2. Open the server key ring of the previous product version, using the key management utility and add the certificate extracted from the product.

  4. Extract and add trust certificates into the trust key ring file of the previous product version.

    1. Open the trust key ring file using the key management utility and extract the trust certificate to a file.

    2. Open the trust key ring file of the previous product version using the key management utility and add the certificate extracted from the product.

  5. If single signon (SSO) is enabled, export keys from the product and import them into the previous product version.

  6. Verify that the application uses the correct JNDI name. In WebSphere Application Server v6.x, the enterprise beans are registered with long JNDI names like, (top)/nodes/node/servers/servername/HelloHome. Whereas in previous releases, enterprise beans are registered under a root like, (top)/HelloHome. Therefore, EJB applications from previous versions perform a lookup on the v6.x enterprise beans.

    We can also create EJB name bindings that are compatible with the previous version. To create an EJB name binding at the root v6.x, start the administrative console and click Environment > Naming > Naming Space Bindings > New > EJB > Next. Complete all the fields and enter a short name (for example, -HelloHome) as the JNDI Name. Click Next and Finish.

  7. Stop and restart all the servers.

  8. Verify the correct naming bootstrap port is used to perform naming lookup. In previous product versions, the naming bootstrap port is 900. In v6.x, the bootstrap port is 2809.