Configure a property extension database on Solaris

Configure WebSphere Portal to use a property extension to store additional attributes that cannot be stored in the LDAP user registry.

In a single server environment the WebSphere_Portal and server1 servers can be either stopped or started.

In a clustered environment stop all appservers on the system including WebSphere_Portal and server1 and then start the nodeagent and deployment manager servers before starting the following task. Configure a property extension for the user registry model:

Use the wp_add_LA.properties helper file, located in...

...when performing this task to ensure the correct properties are entered. In the instructions below, when the step refers to wkplc.properties, you will use your wp_add_LA.properties helper file.

  1. Install the .ear file for adding properties...

    Option Description
    Standalone cd profile_root/ConfigEngine
    ./ConfigEngine.sh wp-la-install-ear -DWasPassword=password
    Cluster

    From the primary node, run...

      cd profile_root/ConfigEngine
      ./ConfigEngine.sh wp-la-install-ear -DWasPassword=dmgr_password -DServerName=dmgr_server_name -DNodeName=node_name

    Where the default value for dmgr_server_name is dmgr; you can look up the dmgr_server_name value in the admin console under System administrator > Deployment Manager > Configuration tab > General Properties > Name.

    Where node_name is the name of the node where the deployment manager resides; you can look up the node_name value in the admin console under System administrator > Deployment Manager > Runtime tab > General Properties > Node Name.

  2. Propagate the security changes:

    Option Description
    Standalone

    1. cd profile_root/bin
      ./stopServer.sh server1 -username admin_userid -password admin_password

    2. cd profile_root/bin
      ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password

    3. cd profile_root/bin
      ./startServer.sh server1

    4. cd profile_root/bin
      ./startServer.sh WebSphere_Portal

    Cluster

    1. cd dmgr_profile/bin
      ./stopManager.sh-username admin_userid -password admin_password

    2. cd profile_root/bin
      ./stopNode.sh -username admin_userid -password admin_password

    3. cd profile_root/bin
      ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password

    4. cd dmgr_profile/bin
      ./startManager.sh

    5. cd profile_root/bin
      ./startNode.sh

    6. cd profile_root/bin
      ./startServer.sh WebSphere_Portal

  3. Set up a new database, including creating a new user with appropriate WebSphere Portal privileges for accessing the database:

    See the appropriate database files in the WebSphere Portal Information Center about setting up databases and creating users for detailed information.

    Option Description
    DB2 To create a DB2 database:

    1. Install DB2.

    2. Enter the following database tuning commands:

      db2 "CREATE DB dbname using codeset UTF-8 territory us PAGESIZE 8192"
      db2 "UPDATE DB CFG FOR dbname USING applheapsz 4096"
      db2 "UPDATE DB CFG FOR dbname USING app_ctl_heap_sz 1024"
      db2 "UPDATE DB CFG FOR dbname USING stmtheap 32768"
      db2 "UPDATE DB CFG FOR dbname USING dbheap 2400"
      db2 "UPDATE DB CFG FOR dbname USING locklist 1000"
      db2 "UPDATE DB CFG FOR dbname USING logfilsiz 4000"
      db2 "UPDATE DB CFG FOR dbname USING logprimary 12"
      db2 "UPDATE DB CFG FOR dbname USING logsecond 20"
      db2 "UPDATE DB CFG FOR dbname USING logbufsz 32"
      db2 "UPDATE DB CFG FOR dbname USING avg_appls 5"
      db2 "UPDATE DB CFG FOR dbname USING locktimeout 30"
      db2 "UPDATE DB CFG FOR dbname using AUTO_MAINT off"
      

    Oracle To create an Oracle database:

    1. Install Oracle using UNICODE Database and National character sets such as UTF8, AL32UTF8, or AL16UTF16.

    2. Configure the database in Dedicated Server Mode.

    3. Enter the recommended initial buffer pool sizes or set them according to your business needs:

      • db_block_size = 8192

      • db_cache_size = 300M

      • db_files = 1024

      • log_buffer = 65536

      • open_cursors = 1500

      • pga_aggregate_target = 200M

      • pre_page_sga = true

      • processes = 300

      • shared_pool_size = 200M

    SQL Server To create an SQL Server database:

    1. Install SQL Server.

    2. Set Collation to case-sensitive.

  4. Perform the following steps to define the DbDriver and DbLibrary parameter values:

    1. Edit wkplc_dbtype.properties, located in...

        profile_root/ConfigEngine/properties

    2. Enter a value for the following parameters under the appropriate database type properties heading:

      • db_type.DbDriver

      • db_type.DbLibrary

    3. Save changes.

  5. Edit...

      profile_root/ConfigEngine/properties/wkplc.properties

  6. Enter a value for the following parameters under the VMM Property Extension Properties heading:

    Important cluster information: Add the following parameters to wkplc.properties if you have a clustered production environment:

    • la.schemaLocation=WAS_install_location_on_DMGR/AppServer/etc/wim/setup

    • la.laPropXML=WAS_install_location_on_DMGR/AppServer/etc/wim/setup/wimlaproperties.xml

    where WAS_install_location_on_DMGR is the local path on your deployment manager node.

  7. Save changes to wkplc.properties.

  8. Edit the soap.client.props file, located in...

      wp_profile/properties
    Change the com.ibm.SOAP.requestTimeout value to 1000.

  9. Perform the following steps in a clustered environment:

    1. Run...

        ./ConfigEngine.sh wp-prep-vmm-db-secured-environment -DWasPassword=password -DDbDomain=la|federated.db -Ddb_type.DmgrDbLibrary=/path/to/DB/jars/on/Dmgr -DDmgrNodeName=dmgr_node_name

      ...from...

        profile_root/ConfigEngine

      ...to create the local Deployment Manager WebSphere variable used to access the database jars.

      Where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db). The db_type in db_type.DmgrDbLibrary should be set to the type of database you are using, for example db2.

      The /path/to/DB/jars/on/Dmgr should be one of the following options:

      • DB2 Type 4 driver:

        db2jcc.jar:db2jcc_license_cu.jar

      • DB2 for z/OS Type 4 driver:

        db2jcc_license_cisuz.jar;db2jcc_javax.jar

      • Oracle 10g Type 4 driver:

        ojdbc14.jar

      • Oracle 11g Type 4 driver (WAS V6.1):

        ojdbc5.jar

      • Oracle 11g Type 4 driver (WAS V7):

        ojdbc6.jar

      • SQL Server JDBC driver provided by Microsoft:

        sqljdbc.jar

      • SQL Server JDBC driver provided by DataDirect:

        sqlserver.jar;base.jar;util.jar

    2. If you configured a database user registry or a property extension database, run the following task for EACH WebSphere Portal node that participates in the cluster to set up access to the database drivers; if multiple nodes share the same database library path you can submit a comma separated list of node names:

      This task does not need to be executed from the node identified in the VmmNodeName parameter.

      1. Set the property value for federated.db.DbType if using a database user registry and set the property value for la.DbType if using a property extension database in wkplc.properties.

      2. Run...

          ./ConfigEngine.sh wp-node-prep-vmm-db-secured-environment -DWasPassword=password -DDbDomain=la|federated.db -DVmmNodeName=node_name -Ddb_type.NodeDbLibrary=/path/to/DB/jars

        ...from

          profile_root/ConfigEngine

        ...on each node to create the variable used to access the VMM database jars. Where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db). VmmNodeName is a list of one or more WebSphere Portal nodes names in the cell which share the same database driver paths. The db_type in db_type.NodeDbLibrary should be set to the type of database you are using, for example db2.

        The /path/to/DB/jars should be one of the following options:

        • DB2 Type 4 driver:

          db2jcc.jar:db2jcc_license_cu.jar

        • DB2 for z/OS Type 4 driver:

          db2jcc_license_cisuz.jar;db2jcc_javax.jar

        • Oracle 10g Type 4 driver:

          ojdbc14.jar

        • Oracle 11g Type 4 driver (WAS V6.1):

          ojdbc5.jar

        • Oracle 11g Type 4 driver (WAS V7):

          ojdbc6.jar

        • SQL Server JDBC driver provided by Microsoft:

          sqljdbc.jar

        • SQL Server JDBC driver provided by DataDirect:

          sqlserver.jar;base.jar;util.jar

    3. Run...

        ./ConfigEngine.sh wp-connect-database-vmm -DWasPassword=password -DDbDomain=la|federated.db

      ...to connect to the VMM database, where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db).

    4. Cycle all necessary servers to propagate changes.

  10. Run...

      ./ConfigEngine.sh wp-configure-la-complete -DWasPassword=password

    ...from

      profile_root/ConfigEngine

    ...to add a property extension repository to the federated or standalone LDAP repository.

  11. Propagate the security changes:

    Option Description
    Standalone

    1. cd profile_root/bin
      ./stopServer.sh server1 -username admin_userid -password admin_password

    2. cd profile_root/bin
      ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password

    3. cd profile_root/bin
      ./startServer.sh server1

    4. cd profile_root/bin
      ./startServer.sh WebSphere_Portal

    Cluster

    1. cd dmgr_profile/bin
      ./stopManager.sh-username admin_userid -password admin_password

    2. ./stopNode.sh -username admin_userid -password admin_password

      ...from...

        profile_root/bin

    3. cd profile_root/bin
      ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password

    4. cd dmgr_profile/bin
      ./startManager.sh

    5. ./startNode.sh

      ...from...

        profile_root/bin

    6. cd profile_root/bin
      ./startServer.sh WebSphere_Portal

  12. Enter a value for the following parameters under the VMM Property Extension Properties heading:

    A complete overview of valid dataType values can be found in the Configure a property extension repository in a federated repository configuration file in WAS v6.1 or in the Configure a property extension repository in a federated repository configuration file in WAS v7.0. All constant values of DATA_TYPE_* fields are valid input for la.dataType.

  13. Run...

      ./ConfigEngine.sh wp-add-la-property -DWasPassword=password

    ...from...

      profile_root/ConfigEngine

    ...to add a new property to the property extension configuration. Then perform the following steps if you use any of the following Web Content Management features:

    1. Enter the la.providerURL parameter value in wkplc.properties if you have not already provided a value for the parameter.

    2. Run...

        ./ConfigEngine.sh add-wcm-la-attributes -DWasPassword=password

    These tasks perform an EJB call to WAS, which must authenticate against WAS. Depending on the configuration in sas.client.props, you may receive a popup window or a command line prompt asking for user identity and password. Enter the WAS user ID and password.

  14. Propagate the security changes:

    Option Description
    Standalone

    1. cd profile_root/bin
      ./stopServer.sh server1 -username admin_userid -password admin_password

    2. cd profile_root/bin
      ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password

    3. cd profile_root/bin
      ./startServer.sh server1

    4. cd profile_root/bin
      ./startServer.sh WebSphere_Portal

    Cluster

    1. cd dmgr_profile/bin
      ./stopManager.sh-username admin_userid -password admin_password

    2. ./stopNode.sh -username admin_userid -password admin_password

      ...from...

        profile_root/bin

    3. cd profile_root/bin
      ./stopServer.sh WebSphere_Portal -username admin_userid -password admin_password

    4. cd dmgr_profile/bin
      ./startManager.sh

    5. ./startNode.sh

      ...from...

        profile_root/bin

    6. cd profile_root/bin
      ./startServer.sh WebSphere_Portal

If you configured your property extension database on the out-of-the-box security configuration and then configured your LDAP user registry, the properties that you added to the property extension, before configuring LDAP user registry, will not be available. Run...

, described above, to add the property to the configuration.

If you performed these steps after creating the clustered environment, run enable-jcr-security on the secondary node.


Parent topic:

Updating the user registry on Solaris


Related tasks


Enable LDAP security after cluster creation