Enable the AJAX proxy to forward user credentials

Edit the proxy configuration template file to instruct the Connections server to accept LTPA tokens or the TAM or SiteMinder cookies in an SSO environment. This task is necessary to configure single sign-on between IBM Connections, and the servers defined in the proxy configuration file to forward a specific list of cookies.

1. To have all applications pass LTPA tokens, access the common AJAX proxy configuration template file proxy-config.tpl).
   cd app_server_root/profiles/Dmgr01/bin
   ./wsadmin.sh -lang jython -user wasadmin -password admin_password
   execfile("connectionsConfig.py")
   LCConfigService.checkOutProxyConfig("temp_directory","cell_name")

   To have only a single application able to pass LTPA tokens, access the custom proxy configuration template file created for that application.

   cd app_server_root/profiles/Dmgr01/bin
   ./wsadmin.sh -lang jython -user wasadmin -password admin_password
   ./execfile("appnameConfig.py")
   application_nameConfigService.checkOutProxyConfig("/tmp","cell_name")

   ...where appnameConfig.py is one of...

   • activitiesAdmin.py
   • communitiesAdmin.py
   • homepageAdmin.py
   • profilesAdmin.py

   ...and application_name is...

   • ActivitiesConfigService.checkOutProxyConfig("/tmp", "cell_name")
   • CommunitiesConfigService.checkOutProxyConfig("/tmp", "cell_name")
   • HomepageCellConfig.checkOutProxyConfig("/tmp", "cell_name")
   • ProfilesConfigService.checkOutProxyConfig("/tmp", "cell_name")

2. Edit the proxy configuration template file

3. To allow cookies for LTPA tokens to be passed to the applications:

   <proxy:cookies>
       <proxy:cookie>JSESSIONID</proxy:cookie>
       <proxy:cookie>LtpaToken</proxy:cookie>
       <proxy:cookie>LtpaToken2</proxy:cookie>
   </proxy:cookies>

   For a TAM or SiteMinder SSO environment, include the following declarations:

   <proxy:cookies>
       <proxy:cookie>DomAuthSessId</proxy:cookie>
       <proxy:cookie>LtpaToken</proxy:cookie>
       <proxy:cookie>LtpaToken2</proxy:cookie>
       <proxy:cookie>Shimmer</proxy:cookie>
       <proxy:cookie>ShimmerS</proxy:cookie>
       <proxy:cookie>iwaSSL</proxy:cookie>
       <proxy:cookie>iwaSSL2</proxy:cookie>
       <proxy:cookie>JSESSIONID</proxy:cookie>
       <proxy:cookie>has</proxy:cookie>
       <proxy:cookie>PD-H-SESSION-ID</proxy:cookie><!-- TAM -->
       <proxy:cookie>PD-S-SESSION-ID</proxy:cookie><!-- TAM -->
       <proxy:cookie>SMIDENTITY</proxy:cookie><!-- SiteMinder -->
       <proxy:cookie>SMSESSION</proxy:cookie><!-- SiteMinder -->
   </proxy:cookies>

4. Save and close the file.

5. Check in the proxy configuration template file during the same session in which you checked it out...

   For proxy-config.tpl...

   LCConfigService.checkInProxyConfig("/tmp", "cell_name")

   For a custom template file...

   • ActivitiesConfigService.checkInProxyConfig("temp_directory", "cell_name")
   • CommunitiesConfigService.checkInProxyConfig("temp_directory", "cell_name")
   • HomepageCellConfig.checkInProxyConfig("temp_directory", "cell_name")
   • ProfilesConfigService.checkInProxyConfig("temp_directory", "cell_name")

6. Restart the application server hosting IBM Connections.

Parent topic:
Configure the AJAX proxy