Configure a property extension database on AIX

 

+

Search Tips   |   Advanced Search

 

Configure IBM WebSphere Portal to use a property extension to store additional attributes that cannot be stored in the LDAP user registry. Ensure that the server1 and WebSphere_Portal servers are started before starting this task.

To configure a property extension for your user registry model:

1. Install the .ear file for adding properties:

   Stand-alone environment...

   cd WP_PROFILE/ConfigEngine
   ./ConfigEngine.sh wp-la-install-ear -DWasPassword=wpsadmin

   For a clustered environment, on the primary node only...

   cd WP_PROFILE/ConfigEngine
   ./ConfigEngine.sh wp-la-install-ear -DWasPassword=wpsadmin -DServerName=server -DNodeName=node

2. To propagate the security changes in a stand-alone environment:

   cd WP_PROFILE/bin
   ./stopServer.sh server1 -username adminid -password passwd
   ./stopServer.sh WebSphere_Portal -username adminid -password passwd
   ./startServer.sh server1
   ./startServer.sh WebSphere_Portal

   To propagate the security changes in a clustered environment:

   cd dmgr_profile_root/bin
   ./stopManager.sh
   cd WP_PROFILE/bin
   ./stopNode.sh -username adminid -password passwd
   ./stopServer.sh server1 -username adminid -password passwd
   ./stopServer.sh WebSphere_Portal -username adminid -password passwd
   cd dmgr_profile_root/bin
   ./startManager.sh
   cd WP_PROFILE/bin
   ./startNode.sh
   ./startServer.sh server1
   ./startServer.sh WebSphere_Portal

3. Set up a new database, including creating a new user with appropriate WebSphere Portal privileges for accessing the database. The following is an example for DB2 and Oracle:

   To create a DB2 database:

   1. Install DB2.

   2. Open a DB2 command window and type...

      db2 create database dbname using codeset UTF-8 territory US

   3. Enter the following database tuning commands:

      db2 "CREATE DB dbname using codeset UTF-8 territory us PAGESIZE 8192"
      db2 "update db cfg for dbname using applheapsz 4096"
      db2 "update db cfg for dbname using app_ctl_heap_sz 1024"
      db2 "update db cfg for dbname using stmtheap 16384"
      db2 "update db cfg FOR dbname using dbheap 2400"
      db2 "update db cfg FOR dbname using locklist 1000"
      db2 "update db cfg FOR dbname using logfilsiz 4000"
      db2 "update db cfg for dbname using logprimary 12"
      db2 "update db cfg for dbname using logsecond 20"
      db2 "update db cfg for dbname using logbufsz 32"
      db2 "update db cfg for dbname using avg_appls 5"
      db2 "update db cfg for dbname using locktimeout 30"
      db2 "update db cfg for dbname using AUTO_MAINT off"

   For Oracle, tables are created when Oracle is configured

4. To define the DbDriver and DbLibrary parameter values:

   1. Edit...

      WP_PROFILE/ConfigEngine/properties/wkplc_dbtype.properties

   2. Enter a value for the following parameters under the appropriate database type properties heading:
      • db_type.DbDriver
      • db_type.DbLibrary

   3. Save changes.

   The WAS UserManagement component (VMM) requires database libraries in the WAS server classpath (appserver/lib). This limitation will be addressed with PK66195. In the meantime if you want to use the VMM database functions such as Property Extension or database user registry, copy the following library files into the appserver/lib directory prior to starting the server:

   DB2 Type 2 driver	db2java.zip
   DB2 Type 4 driver	db2jcc.jar;db2jcc_license_cu.jar
   DB2 for z/OS Type 2 driver	db2java.zip
   DB2 for z/OS Type 4 driver	db2jcc.jar;db2jcc_license_cisuz.jar;db2jcc_javax.jar
   Oracle	ojdbc14.jar

5. Edit...

   WP_PROFILE/ConfigEngine/properties/wkplc.properties

6. Enter a value for the following required parameters in the wkplc.properties file under the VMM Property Extension Properties heading:
   • la.JdbcProviderName
   • la.DbType
   • la.DbUrl
   • la.DbName
   • la.DataSourceName
   • la.DbUser
   • la.DbPassword

7. Save changes to the wkplc.properties file.

8. Edit...

   wp_profile/properties/soap.client.props file

   Change the com.ibm.SOAP.requestTimeout value to 1000 and then save your changes.

9. Perform the following steps in a clustered environment:

   1. Run...

          cd WP_PROFILE/ConfigEngine
         ./ConfigEngine.sh wp-prep-vmm-db-secured-environment \
             -DWasPassword=wpsadmin \
             -DDbDomain=la|federated.db \
             -Ddb_type.DmgrDbLibrary=local_path_database_jars \
             -DDmgrNodeName=dmgr_node
      

      ...to create the local Deployment Manager WebSphere variable used to access the database jars.

      Where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db). The db_type in db_type.DmgrDbLibrary should be set to the type of database you are using, for example db2. The local path of the database jars on the Deployment Manager should be one of the following options:

      DB2 Type 2 driver	db2java.zip
      DB2 Type 4 driver	db2jcc.jar;db2jcc_license_cu.jar
      DB2 for z/OS Type 2 driver	db2java.zip
      DB2 for z/OS Type 4 driver	db2jcc.jar;db2jcc_license_cisuz.jar;db2jcc_javax.jar
      Oracle	ojdbc14.jar

   2. Run the following task for EACH WebSphere Portal node that participates in the cluster to set up access to the database drivers; if multiple nodes share the same database library path you can submit a comma separated list of node names:

      This task does not need to be executed from the node identified in the VmmNodeName parameter.

      1. Set the property value for federated.db.DbType if using a database user registry or if the cell is migrated from a previous version and set the property value for la.DbType if using a property extension database in the wkplc.properties file.

      2. On each node, create the variable used to access the VMM database jars.

            cd WP_PROFILE/ConfigEngine
            ./ConfigEngine.sh wp-node-prep-vmm-db-secured-environment \
                              -DWasPassword=wpsadmin \
                              -DDbDomain=la|federated.db \
                              -DVmmNodeName=node \
                              -Ddb_type.NodeDbLibrary/path/to/DB/jars
         

         Where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db). VmmNodeName is a list of one or more WebSphere Portal nodes names in the cell which share the same database driver paths. The db_type in db_type.NodeDbLibrary should be set to the type of database you are using, for example db2.

         The local full path of the database jars should be one of the following options:

         DB2 Type 2 driver	db2java.zip
         DB2 Type 4 driver	db2jcc.jar;db2jcc_license_cu.jar
         DB2 for z/OS Type 2 driver	db2java.zip
         DB2 for z/OS Type 4 driver	db2jcc.jar;db2jcc_license_cisuz.jar;db2jcc_javax.jar
         Oracle	ojdbc14.jar

   3. To connect to the VMM database, where DbDomain is either la or federated.db depending on whether you are using a property extension database (la) or a database user registry (federated.db).

      ./ConfigEngine.sh wp-connect-database-vmm -DWasPassword=wpsadmin -DDbDomain=la|federated.db task

   4. Stop and restart the deployment manager, the node agent(s), server1, and the WebSphere_Portal servers.

10. Add a property extension repository to the federated or stand-alone LDAP repository.

    cd WP_PROFILE/ConfigEngine
    ./ConfigEngine.sh wp-configure-la-complete -DWasPassword=wpsadmin

11. To propagate the security changes:

    To propagate the security changes in a stand-alone environment:

    cd WP_PROFILE/bin
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

    To propagate the security changes in a clustered environment:

    cd dmgr_profile_root/bin
    ./stopManager.sh
    cd WP_PROFILE/bin
    ./stopNode.sh -username adminid -password passwd
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    cd dmgr_profile_root/bin
    ./startManager.sh
    cd WP_PROFILE/bin
    ./startNode.sh
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

12. Enter a value for the following required parameters in the wkplc.properties file under the VMM Property Extension Properties heading:
    • la.providerURL
    • la.propertyName
    • la.entityTypes
    • la.dataType
    • la.multiValued

13. Run...

    cd WP_PROFILE/ConfigEngine
    ./ConfigEngine.sh wp-add-la-property -DWasPassword=wpsadmin

    ...to add a new property to the property extension configuration.

    This task performs an EJB call to WAS, which must authenticate against WAS. Depending on the configuration in the sas.client.props file, you may receive a popup window or a command line prompt asking for user identity and password. Enter the WAS user ID and password.

14. To propagate the security changes:

    To propagate the security changes in a stand-alone environment:

    cd WP_PROFILE/bin
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

    To propagate the security changes in a clustered environment:

    cd dmgr_profile_root/bin
    ./stopManager.sh
    cd WP_PROFILE/bin
    ./stopNode.sh -username adminid -password passwd
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    cd dmgr_profile_root/bin
    ./startManager.sh
    cd WP_PROFILE/bin
    ./startNode.sh
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

15. Perform the following steps if you use any of the following WCM features:

    • Web content user profiling

    • Category selection trees

    • Federated content elements and components

    1. Enter the la.providerURL parameter value in the wkplc.properties file if you have not already provided a value for the parameter.

    2. Run...

       ./ConfigEngine.sh add-wcm-la-attributes -DWasPassword=wpsadmin

16. To propagate the security changes:

    To propagate the security changes in a stand-alone environment:

    cd WP_PROFILE/bin
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

    To propagate the security changes in a clustered environment:

    cd dmgr_profile_root/bin
    ./stopManager.sh
    cd WP_PROFILE/bin
    ./stopNode.sh -username adminid -password passwd
    ./stopServer.sh server1 -username adminid -password passwd
    ./stopServer.sh WebSphere_Portal -username adminid -password passwd
    cd dmgr_profile_root/bin
    ./startManager.sh
    cd WP_PROFILE/bin
    ./startNode.sh
    ./startServer.sh server1
    ./startServer.sh WebSphere_Portal

If you configured your property extension database on the out-of-the-box security configuration and then configured your LDAP user registry, the properties that you added to the property extension, before configuring your LDAP user registry, will not be available. Manually add the new property to the wimconfig.xml file. For example, if the new property is prop1, add the following text to the wimconfig.xml file: <config:propertiesNotSupported name="prop1"/>.

 

Parent topic

Updating your user registry on AIX