+

Search Tips   |   Advanced Search

Enable locked domains for OpenSocial


To ensure that only the Connections OpenSocial application is mapped to the locked domain host, we specify an additional atrribute in LotusConnections-config.xml.

Only ConnectionsCommon.ear is be mapped to the locked host. Although no SSO tokens will be flowing from the host, this extra precaution limits exposure of the Connections infrastructure to potentially malicious gadgets.

  1. Check out the Connections configuration files:

      cd $DMGR_PROFILE/bin
      ./wsadmin.sh -lang jython
      execfile("connectionsConfig.py")
      LCConfigService.checkOutConfig("/tmp", "cell_name")

    To determine cell_name:

  2. Edit LotusConnections-config.xml

    ...and add... 

      <sloc:serviceReference bootstrapHost="{locked.host.name}" 
                       bootstrapPort="2809" 
                       clusterName="" 
                       enabled="true" 
                       serviceName="opensocialLocked" 
                       ssl_enabled="true">

        <sloc:href>
            <sloc:hrefPathPrefix>/connections/opensocial</sloc:hrefPathPrefix>
            <sloc:static href="http://{locked.host.name.authority/http}" 
                         ssl_href="https://{locked.host.name.authority/https}"/>
            <sloc:interService href="https://{locked.host.name.authority/https}"/>
        </sloc:href>

    </sloc:serviceReference>

  3. Save LotusConnections-config.xml.

  4. Check in the files and sync nodes...

      LCConfigService.checkInConfig()
      synchAllNodes()

  5. Restart the Connections server.

Example configuration:


Parent topic:
Post-installation tasks


See also