Scribd
Upload
40 views

WAS Admin Notes - 4

The document provides steps to configure security, LDAP, and database connectivity in WebSphere Application Server. It includes instructions on setting up standalone custom registry security, configuring LTPA authentication, connecting to an LDAP directory, and setting up a JDBC data source and connection pool to connect to an Oracle database. The configuration is tested by logging in with LDAP credentials and testing the database connection.

Uploaded by

krishna m
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
40 views

WAS Admin Notes - 4

The document provides steps to configure security, LDAP, and database connectivity in WebSphere Application Server. It includes instructions on setting up standalone custom registry security, configuring LTPA authentication, connecting to an LDAP directory, and setting up a JDBC data source and connection pool to connect to an Oracle database. The configuration is tested by logging in with LDAP credentials and testing the database connection.

Uploaded by

krishna m
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 50

Process:

---- Go to Global Security under security.

Click Security Configuration Wizard.


Click Next.
Select standalone custom registry.

Click Next.
Provide Primary administrative user name: wasadmin
usersFile Path: C:\Registries\users.registry
groupsFile Path: C:\Registries\groups.registry
Click Next.

Click Finish.
Click Review.
Check Synchronize changes with Nodes.

Click Save.

Click Ok.
---- Go to Global Security under Security. Select LTPA under Authentication.
In Cross-cell single sign-on (Confirm the password: password)

Click Apply.
Click Review.
Check Synchronize changes with Nodes.

Click Save.

Click Ok.
---- Select Global Security under Security.
Select Standalone custom registry under Available realm definitions.
Click Apply.

Click Review.
Check Synchronize changes with Nodes.
Click Save.

Click Ok.
----- Logout dmgr and stop and start the dmgr.

Click Ok.
---- Login to dmgr console as a wasadmin user.

----- Disable global Security. Uncheck Enable Administrative Security.


Click Apply.

Click Review.

Check Synchronize changes with Nodes.


Click Save.
Click Ok.
----- Logout dmgr console
Stop/start the dmgr.
Configure LDAP Using Sun One Directory Server 5.2 on
WAS 7.0

Click Next.

Click Accept License.


For above Fully Qualified Computer Name we have to add an entry system's host file like
" Rajashekhar.domain.com" (It's up to user's custom choice, But domain.com is must).
System's Host File will be available under this path:
C:\Windows\System32\drivers\etc\hosts (Edit this host file). See the below screen shot for the
host file.
Click Next.

Click Next.
Click Next.

Click Next.
Click Create Directory.

Click Next.

Click Next.
Click Next.

Click Next.
Enter password: $3kReT4wD.
Click Next.
Enter Password: #$8Yk$-%&

Click Next.
Click Next.

Click Install Now.


Click Next.
Click Close.
User ID: cn=Directory Manager
Password: #$8Yk$-%&

Click Ok.
The Sun ONE Server Console is displayed.
Navigate through the tree in the left-hand pane to find the system hosting your Directory
Server and click on it to display its general properties.
Click on Open.
Double-click the name of your Directory Server in the tree or click the Open button. The
Directory Server Console for managing this Directory Server instance is displayed.

Go to Directory tab.
Click on user.
Click ok.
Click on Edit with Generic Editor.
Note the uid=rkomma,dc=domain,dc=com

----- After user creation in LDAP start dmgr manager and appnode.
---Login to dmgr console.

Select Global Security.


Click on Security Configuration Wizard.
Uncheck Enable application security.

Click Next.
Select standalone LDAP registry.

Click Next.
Base distinguished name:
Specifies the base distinguished name of the directory service, which indicates the starting
point for Lightweight Directory Access Protocol (LDAP) searches in the directory service. For
example, ou=Rochester, o=IBM, c=us.

Bind distinguished name:


Specifies the distinguished name for the application server, which is used to bind to the
directory service.

Primary administrative user name: rkomma


Type of LDAP server: sun Java System Directory Server.
Host: Rajashekhar.domain.com
Port: 3891
Base distinguished name: dc=domain,dc=com
Bind distinguished name: uid=rkomma,dc=domain,dc=com
Bind password: password.
Click Next.

Click Finish.
Select LTPA

Password: password
Confirm password: password

Click Apply.
Click ok.
Check Enable administrative security.
Under available realm definitions: Standalone LDAP registry.

Click Apply.
Click Review.

Click Save.

Click ok.
------ Logout the dmgr console and stop and start the dmgr manager.
----- Login to the dmgr console with secure port no.

Click Log in.

In the above screen shot u can observe welcome rkomma. The user credentials are came from
LDAP server.
How to configure WAS to stop application server without prompting for password even though
security is enabled?
1. First go to this path
C:\IBM_ND_6.0\WebSphere\AppServer\profiles\AppSrv01\properties\soap.client.props.
com.ibm.SOAP.securityEnabled=false
(here make false as true)
com.ibm.SOAP.securityEnabled=true
com.ibm.SOAP.loginUserid=test123
com.ibm.SOAP.loginPassword=password
save the file and go to below path
C:\IBM_ND_6.0\WebSphere\AppServer\bin>PropFilePasswordEncoder.bat <full path
of soap.client.props whether in DMGR or APPSRV01><com.ibm.SOAP.loginPassword>

C:\IBM_ND_6.0\WebSphere\AppServer\bin>PropFilePasswordEncoder.bat
C:\IBM_ND_6.0\WebSphere\AppServer\profiles\AppSrv01\properties\soap.client.pro
ps com.ibm.SOAP.loginPassword
Oracle JDBC and Data source configuration
---- Go to Resources and select JDBC provider.

From the scope selection drop-down list select


Node=app_node01

Click New.
Select Database type: oracle
Provider type: oracle JDBC provider
Implementation type: Connection pool data source
Name: Oracle JDBC Driver.
Click Next.
Provide ojdbc6.jar path location. (By default oracle xe edition doesn’t have ojdbc6.jar. we have to
download that jar file and place it in oracle jdbc library)

Click Next.
Click Finish.

Click Review.
Check synchronize changes with Nodes.

Click save.
Click Ok.

Click Oracle JDBC Driver (or) Go to Resources and select Data sources under JDBC.
From Scope selection drop-down list select
Node = app_Node01

Click New.
Provide Data source name: OracleDS
JNDI name: jdbc/OracleDS

Click Next.
Select Oracle JDBC Driver under select an existing JDBC provider radio button

Click Next.
Provide url: jdbc:oracle:thin:@rajasekhar-pc:1521:XE
Data store helper class name: Oracle 10g data store helper
Check CMP.

Click Next.

Click Next.
Click Finish.

Click Review.
Check synchronize changes with Nodes.

Click Save.
Click Ok

Click the OracleDS.


Select JAAS - J2c authentication data under Related items.
Select New.
Alias = Oracle_det
User ID = system
Password = admin

Click Ok

Click Review.
Check Synchronize changes with Nodes.
Click save.

Click Ok.
---- Go to Data sources. Select OracleDS.
Select Oracle_det under component managed authentication alias.

Click Apply.

Click Review.
Check Synchronize changes with Nodes.
Click Save.

Click Ok.
Check OracleDS

Click on Test connection.


For the first time when you click the Test connection it will through the error.

Because of synch not happened, for that we have to stop the node on AppSrv01 profile and do the
synchronization and start the node.
Open CMD follow the commands in order.

Click Ok for all 3 Steps (Stop, sync and start).


---- Go to Data Sources under Resources.
Check OracleDS and Click Test connection.

Connection Successful.

You might also like