Configure IBM Lotus Instant Messaging, Web Conferencing, and WebSphere Portal to work together

 


 

Content

  1. Configuration tasks
  2. How awareness works in the portal
  3. Configure single signon between WebSphere Portal and LIM and Web Conferencing
  4. Configure LIM and Web Conferencing settings to support WebSphere Portal
  5. Configure the Lotus Web Conferencing portlet
  6. Copy files between the LIM and Web Conferencing and WebSphere Portal

 

 

Overview

The following instructions include a configuration task that you run at a command line. Specifically, this task will configure WebSphere Portal to recognize the presence of LIM and Web Conferencing so that it can be used by the Lotus Collaborative Services. run this task if you intend to use LIM and Web Conferencing and the Lotus Collaborative Services provided with WebSphere Portal.

have installed WebSphere Portal and LIM and Web Conferencing for this task to complete successfully.

Commands are case sensitive.

If you are running with security enabled on WebSphere Application Server, specify a user ID and password for security authentication when entering the stopServer command to stop a server.

For example:

stopServer WebSphere_Portal -user was_admin_userid -password was_admin_password

For security reasons, not store passwords in the wpconfig.properties file. It is recommended that you edit the wpconfig.properties prior to running a configuration task, inserting the passwords needed for that task. Then, after the task has run, you should delete all passwords from the wpconfig.properties file.

Alternatively, you can specify the password on the command line using the following syntax:

  WPSconfig.{sh|bat} task_name -Dpassword_property_key=password_value

As with other properties, each password property must have the -D prefix and be set equal to (=) a value. If you have multiple properties in a single command, use a space character between each -Dproperty=value setting.

 

 

Run the configuration task

To perform the configuration task, do the following:

  1. Stop WebSphere Portal...

    cd $WAS_HOME/bin
    stopServer WebSphere_Portal

    If you intend to use Domino Directory with LIM and Web Conferencing, follow the steps for Configure Lotus Collaborative Services to use Domino Directory.

  2. Make a backup copy of <wp_root>/config/wpconfig.properties

    Edit <wp_root>/config/wpconfig.properties and enter the values appropriate for your environment.

     

    Collaborative Services Properties

    Property Description Recommended Default
    LCC.Sametime.Enabled Determines whether LIM and Web Conferencing is enabled.

    Set LCC.Sametime.Enabled to true enables this component. Setting the value to false disables it.

    true false
    LCC.Sametime.Server Name of the LIM and Web Conferencing server. my.server.com my.server.com
    LCC.Sametime.Protocol Protocol used to connect to the LIM and Web Conferencing server. http http
    LCC.Sametime.Port Port number for the LIM and Web Conferencing server. 80 80

  3. Save the file.

  4. Run the configuration task:

    # cd $WP_HOME/config 
    
    # WPSconfig.sh lcc-configure-sametime \ -DDBPassword=password \ -DWmmDbPassword=password

    Note that you can configure all Lotus Collaborative Services by setting values in wpconfig.properties, and then running...

    WPSconfig.sh lcc-configure-all
    

  5. Check the output for any error messages.

  6. Start WebSphere Portal...

    $WAS_HOME/bin.
    startServer WebSphere_Portal

 

 

How awareness works in the portal

When a user signs into portal, the Collaborative Services will look into the CSEnvironment.properties file to see if LIM is enabled. If it is, Collaborative Services authenticates the user with the LIM server, and builds the stlinks applet into the user's browser. After the user is authenticated with the LIM server, the user should see the following on every page source in WebSphere Portal:

<script type="text/javascript" language="Javascript">

    if (typeof writeSTLinksApplet == "function")
        writeSTLinksApplet("uid=wpsadmin,cn=users,o=ibm,c=us", 
                           "<token written here>", 
                           true);

</script>

The stlinks applet handles all awareness in the portal. If a portlet is enabled to show awareness, it will send names to show awareness to stlinks. Stlinks will in turn contact the LIM server directly to determine the user's status (active, away, do not disturb, or not online), and pass this information back to the portlet to show the user's status in the portlet.

If the stlinks applet does not load after configuring single signon between WebSphere Portal and LIM, see the following technote to continue troubleshooting the issue:

Technote 1163790: Troubleshooting Sametime Awareness in WebSphere Portal at http://www.ibm.com/support/docview.wss?rs=0&uid=swg21163790.

 

 

Configure single signon between WebSphere Portal and LIM and Web Conferencing

The following steps show how to configure single signon between WebSphere Portal and LIM and Web Conferencing when both servers are using IBM Directory Server for their LDAP source.

Important: The LIM and Web Conferencing installation automatically creates a Web SSO configuration document, if one does not exist prior to installation. If so, delete the document, and proceed with the steps in this section. The steps in this section assume that no Web SSO configuration document exists in Domino. To see if a document exists, perform the following steps:

  1. Use a Notes client to open the names.nsf file on the Domino server with which you are working.

  2. Click Configuration - Web Configurations to open the Web Configurations view.

  3. If you see a -Web SSO Configurations- triangle with a Web SSO Configuration for LTPA document, the Web SSO configuration document already exists. If this Web SSO configuration document already exists, do one of the following:

    • If the document already contains the WebSphere LTPA key, perform the following steps:

      1. Open the document on the server where it was created, and add this Domino server to the Domino Server Names field.

      2. Replicate the change to this Domino server. For example, issue the following command on the Domino server console: rep server/org names.nsf

      3. Restart Domino for the change to take effect.

    • If the Web SSO configuration document contains a different, key or if you are unsure if it is the same key exported from your WebSphere Portal, delete the key, replicate this change around to the other Domino server, and re-create it with the steps provided.

 

 

Create the WebSphere LTPA key

This section provides instructions for creating the required WebSphere LTPA key.

Note: If you have already created the WebSphere LTPA key for another application (for example, Tivoli Access Manager, QuickPlace, or Sametime) you can skip this step, and then proceed to Import the key into Domino.

Perform the following steps:

  1. Start the WebSphere Administration Console and log in.

  2. Select Security - Authentication Mechanisms - LTPA.

  3. Type a password in the Password field and provide a name path and file name for in the Key File Name field.

    Tip: Remember the password because type it when you import the LTPA key into the Domino server.

  4. Click the Export Keys button.

  5. Click Save to apply the changes to the master configuration.

  6. Click Save on the next screen.

  7. Log out from the WebSphere Administration Console.

  8. Copy the key file that you created to a location that is accessible to the Domino machine.

 

 

Import the WebSphere LTPA key into Domino

The following steps show how to create the Web SSO configuration document in LIM and Web Conferencing and import the WebSphere LTPA key for LIM and Web Conferencing to use for single signon.

Perform the following steps:

  1. Start the Domino administrative console.

  2. Open the address book for the server.

  3. Change to the Server - Servers view.

  4. Click the Web button, and then select Create Web SSO Configuration.

  5. Type the domain suffix in the Token Domain field. This should match the Domain Name you entered in the portal server.

  6. Add the Domino hierarchical name of the Domino servers that will participate in the SSO domain in the Domino Server Names field. You do not need to enter the names of the WebSphere Application Server.

  7. Select Import WebSphere LTPA keys from the Keys menu, and then click OK.

  8. Type the path and name of LTPA key file, and then click OK.

  9. Type the password for the LTPA key and then click OK.

  10. Click OK to the message that states that the key import is successful.

  11. Click the Basics tab and add a \ to the LDAP Realm field so that it reads yourhostname\:389.

  12. Click Save and Close.

 

 

Enable multi-server single signon authentication

Note: The LIM and Web Conferencing automatically enables multi-server authentication, but check the following settings to ensure that it is properly configured.

  1. Open the server document of the Domino server.

  2. Click the Internet Protocols tab, and then the Domino Web Engine tab.

  3. Next to Session authentication, select Multi-server.

  4. Click Save and close.

  5. Exit the Domino administrative client.

  6. Restart the Domino server.

 

 

Test single signon between WebSphere Portal and LIM and Web Conferencing

Perform the following steps:

  1. Sign on to WebSphere Portal.

  2. Change the URL in the browser to http://yourInstantMessagingServer.yourDomain.com/stcenter.nsf Your name should appear at the top right corner.

Note: If your name does not appear, troubleshoot single signon

 

 

Configure LIM and Web Conferencing settings to support WebSphere Portal

WebSphere Portal uses a LIM and Web Conferencing server application to reterive a users buddy list in the Sametime Contact List portlet, and to build the credentials used for awareness if UseLTPAToken is set to false in the csenvironment.properties file. To allow this connectivity to work, perform the following steps:

  1. Add the ips to the Community Trusted IPS field located in the Community Connectivity document in the stconfig.nsf database. Adding this setting will restrict access to LIM and Web Conferencing services to only the listed IP addresses. IP addresses not listed in this field will not be able to connect to the Web Conferencing Server and will generate the following error in the sametime.log file Rejecting server component <ip address> not in trusted server ips list.

  2. Set a security level by editing the Sametime.ini file:

    1. Use a text editor to open the Sametime.ini file.

    2. Do one of the following to set a security level:

      • In a test or development environment, you can configure to accept all IP addresses as trusted. To do this, add the following line to the Debug section:

        [Debug]
        VPS_BYPASS_TRUSTED_IPS=1
        

      • In a production environment, you can add the IP address of the portal server machine to the list of IP addresses of trusted servers. To do this, add the following line to the Configuration section:

        [Config]
        VPS_TRUSTED_IPS=trusted IP address, trusted IP address
        

        Notes:

        • Separate your new entry from the previous entry using a comma.

        • Do not enter the hostname. Enter the IP address.

  3. Save and close the Sametime.ini file.

  4. Restart the server.

 

 

Configure the Lotus Web Conferencing portlet

The following additional configuration steps are specific to the Lotus Web Conferencing portlet. You need to point the portlet to your Lotus Web Conferencing server, and tell the portlet how it can authenticate with the Lotus Web Conferencing server to create and search for meetings.

The administrative user you specify in the following procedure must satisfy the following conditions:

  • The user should exist only in the Domino Directory of Lotus Web Conferencing.

  • The user should not be listed in the LDAP used by WebSphere Portal or Lotus Web Conferencing.

  • The user should be an administrator of Lotus Web Conferencing

You can determine the appropriate user identity by performing the following steps:

  1. In your browser, go to the following URL in your browser: http://yourWebConferencingServer.yourDomain.com/stcenter.nsf

  2. Click Administer the Server.

Whatever user name and password you enter here is the user name and password that specify in the portlet parameters.

To set the parameters, perform the following steps:

  1. Log into the portal as a portal administrator.

  2. Click the Administration tab.

  3. Click Portlets - Portlet Management.

  4. Search for and select the Lotus Web Conferencing portlet, and click the wrench icon to modify its parameters.

  5. For the SametimeServerName1 parameter, enter your Lotus Web Conferencing hostname.

  6. For the SametimeUserName1 parameter, enter an administrator for your Lotus Web Conferencing server.

  7. For the SametimePassword1 parameter, enter the administrator's password.

  8. Click Save to save the changes, then Cancel to return to the Modify Parameters page.

If you experience problems creating or searching for meetings with the Lotus Web Conferencing portlet see the following technote:

Technote 1170825: Password Errors When Using Web Conferencing Collaboration Center Portlet at http://www.ibm.com/support/docview.wss?rs=0&uid=swg21170825.

 

 

Mozilla support - Copy files between the LIM and Web Conferencing and WebSphere Portal

Use the following steps to copy the files needed to provide awareness in the Collaboration Center portlets when using Mozilla.

  1. Create a folder named sametime under the wps.war directory on the machine running portal (if one does not exist):

    $WAS_HOME\installedApps\server_name\wps.ear\wps.war

  2. Copy the LIM server stlinks folder to the sametime folder that you created.

  3. If the stlinks.jar file in the stlinks directory is not a signed version, replace it with a signed stlinks.jar file. In LIM 6.5.1 this file is on the LIM server in the folder <server directory>\Data\domino\html\sametime\stlinks\signed.

 

 

Next steps

You have completed this step. Continue to the next step by choosing one of the following topics.

 

 

See also


Home | Support | Terms of use | Feedback

 

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.

 

IBM is a trademark of the IBM Corporation in the United States, other countries, or both.

 

Tivoli is a trademark of the IBM Corporation in the United States, other countries, or both.