Administration guide > Secure the deployment environment > Tutorial: Security in a mixed environment > Module 2: Configure authentication


Secure the deployment environment > Tutorial: Integrate WebSphere eXtreme Scale security in a mixed environment with an external authenticator > Module 2: Configure WebSphere eXtreme Scale authentication in a mixed environment >

< Previous | Next >


Lesson 2.4: Install and run the sample

After authentication is configured, you can install and run the sample application.


Create a shared library for the EmployeeData.jar file

  1. In the WebSphere Application Server administrative console, open the Shared Libraries page. Click Environment > Shared libraries.

  2. Choose the cell scope.

  3. Create the shared library. Click New. Enter EmployeeManagementLIB as the Name. Enter the path to the EmployeeData.jar in the classpath, for example, samples_home/WASSecurity/EmployeeData.jar.

  4. Click Apply.


Install the sample

  1. Install the EmployeeManagement_extauth.ear file under the samples_home/security_extauth directory.

    The EmployeeManagement_extauth.ear file is different from the samples_home/WASSecurity/EmployeeManagement.ear file. The manner in which the ObjectGrid session is retrieved has been updated to use the credential that is cached in the client property file in the EmployeeManagement_extauth.ear application. See the comments in the com.ibm.websphere.sample.xs.DataAccessor class in the samples_home/WASSecurity/EmployeeManagementWeb project to see the code that was updated for this change.

    1. To begin the installation, click Applications > New application > New Enterprise Application. Choose the detailed path for installing the application.

    2. On the Map modules to servers step, specify the appCluster cluster to install the EmployeeManagementWeb module.

    3. On the Map shared libraries step, select the EmployeeManagementWeb module.

    4. Click Reference shared libraries. Select the EmployeeManagementLIB library.

    5. Map the webUser role to All Authenticated in Application's Realm.

    6. Click OK.
    The clients run in the s1 and s2 servers in this cluster.

  2. Install the sample XSDeployment.ear file that is in the samples_home/WASSecurity directory.

    1. To begin the installation, click Applications > New application > New Enterprise Application. Choose the detailed path for installing the application.

    2. On the Map modules to servers step, specify the xsCluster cluster to install the XSDeploymentWeb web module.

    3. On the Map shared libraries step, select the XSDeploymentWeb module.

    4. Click Reference shared libraries. Select the EmployeeManagementLIB library.

    5. Click OK.
    The xs1 and xs2 servers in this cluster host the container servers.

  3. Verify that the catalog server is started. For more information about starting a catalog server for this tutorial, see Start the catalog server with security enabled.

  4. Restart the xsCluster cluster. When the xsCluster starts, the XSDeployment application starts, and a container server is started on the xs1 and xs2 servers respectively. If you look at the SystemOut.log file of the xs1 and xs2 servers, the following message that indicates the server properties file is loaded is displayed:

    CWOBJ0913I: Server property files have been loaded: 
    samples_home/security_extauth/server3.props.
    

  5. Restart the appClusters cluster. When the cluster appCluster starts, the EmployeeManagement application also starts. If you look at the SystemOut.log file of the s1 and s2 servers, you can see the following message that indicates that the client properties file is loaded.

    CWOBJ0924I: The client property file {0} has been loaded.
    

    If you are using  WebSphere eXtreme Scale Version 7.0, the English-only CWOBJ9000I message displays to indicate that the client property file has been loaded. If you do not see the expected message, verify that you configured the -Dobjectgrid.server.props or -Dobjectgrid.client.props property in the JVM argument. If you do have the properties configured, make sure the dash (-) is a UTF character.


Run the sample application

  1. Run the management.jsp file. In a web browser, access http://<your_servername>:<port>/EmployeeManagementWeb/management.jsp. For example, you might use the following URL: http://localhost:9080/EmployeeManagementWeb/management.jsp.

  2. Provide authentication to the application. Enter the credentials of the user that you mapped to the webUser role. By default, this user role is mapped to all authenticated users. Type any valid user name and password, such as the administrative user name and password. A page to display, add, update, and delete employees displays.

  3. Display employees. Click Display an Employee. Enter emp1@acme.com as the email address, and click Submit. A message displays that the employee cannot be found.

  4. Add an employee. click Add an Employee. Enter emp1@acme.com as the email address, enter Joe as the first name, and Doe as the last name. Click Submit. A message displays that an employee with the emp1@acme.com address has been added.

  5. Display the new employee. Click Display an Employee. Enter emp1@acme.com as the email address with empty fields for the first and last names, and click Submit. A message displays that the employee has been found, and the correct names are displayed in the first name and last name fields.

  6. Delete the employee. Click Delete an employee. Enter emp1@acme.com and click Submit. A message is displayed that the employee has been deleted.

Because the catalog server transport type is set to TCP/IP, verify that the server s1 and s2 outbound transport setting is not set to SSL-Required. Otherwise, an exception occurs. If you look at the system out file of the catalog server, logs/cs1/SystemOut.log file, the following debug output to indicates the key store authentication:

SystemOut     O [KeyStoreLoginModule] initialize: Successfully loaded key store
SystemOut     O [KeyStoreLoginModule] login: entry
SystemOut     O [KeyStoreLoginModule] login: user entered user name: manager
SystemOut     O   Print out the certificates: 
...


Lesson checkpoint

You installed and ran the sample application.

< Previous | Next >