Update security settings for business process applications

 

+

Search Tips   |   Advanced Search

 

  1. Unconfigure the existing business process container using...

    WPSconfig bpe-unconfig

  2. Edit...

    portal_root/config/helpers/bpeconfig.properties

    ...and set values for each of the following business process configuration parameters...

    • adminBFMUsers
      adminBFMGroups

    • adminHTMUsers
      adminHTMGroups

    • monitorBFMUsers
      monitorBFMGroups

    • monitorHTMUsers
      monitorHTMGroups

    • jmsBFMRunAsUser
      jmsBFMRunAsPwd

    • jmdHTMRunAsUser
      jmdHTMRunAsPwd

    • mqUser
      mqPwd

  3. If you use a database other than Cloudscape, execute the appropriate ddl files for creating the database. We can find the ddl files needed in the directory...

    app_server_root/ProcessChoreographer

    For example, for DB2, execute...

    createDatabaseDb2.ddl

    ...which implicitly executes...

    createSchemaDb2.ddl

    ...and optionally execute...

    createTableSpaceDb2.ddl

    The scripts contain short descriptions of how they are invoked.

  4. Configure the business process container using...

    WPSconfig bpe-config

  5. Adapt the J2C authentication alias for SCA, which is the alias to login to a secured SIBus.

    1. Open the administrative console.

    2. Click...

      Security | Global Security | JAAS Configuration | J2C Authentication data | SCA_Auth_Alias

    3. Adapt the user name and the password.

    4. Click OK.

    If you have switched to an LDAP based user registry, specify the full distinguished name here.

  6. Adapt the J2C authentication alias for the CEI JMS Topics and Queues.

    This is the alias used by SCA to login to a secured SIBus.

    1. Open the administrative console.

    2. Click...

      Security | Global Security | JAAS Configuration | J2C Authentication data | CommonEventInfrastructureJMSAuthAlias

    3. Adapt the user name and the password.

    4. Click OK.

    If you have switched to an LDAP based user registry, specify the full distinguished name here.

  7. Adapt the J2C authentication alias for the the WMM EJB. This is the alias used to access the WMM EJB.

    1. Open the administrative console.

    2. Click...

      Security | Global Security | JAAS Configuration | J2C Authentication data | WMMEJB_AccessAlias

    3. Adapt the user name and the password.

    4. Click OK.

    If you have switched to an LDAP based user registry, specify the full distinguished name here.

  8. Reconfigure the WMM staff plug-in. Update...

    AppServer\ProcessChoreographer\Staff\MemberManagerTransformation.xml

    At a minimum the following properties need to be updated... 

    <xsl:variable name="DefaultSearchBase">
    o=Default Organization </xsl:variable>

<xsl:variable name="DefaultGroupNameSuffix">
    o=Default Organization </xsl:variable>

<xsl:variable name="DefaultDepartmentNameSuffix">
    o=Default Organization </xsl:variable>

<xsl:variable name="DefaultRoleNameSuffix">
    o=Default Organization </xsl:variable>

  9. Run...

    WPSconfig wpc-membermanager-cfg -DWpsBootstrapPort=port

  10. Restart the portal server.

 

Parent topic:

Configure the business process container for the portal

 

Related concepts

Member Manager staff plug-in provider

 

Related tasks

Update the database for the business process container

 

Related reference:

Business process configuration parameters