Lotusphere 2012 IBM Collaboration Solutions Development Lab · Development Lab Lab #6 Deliver Real ... Connections server, ... Set the Domain name to the domain you will use to access

Lotusphere 2012

IBM Collaboration Solutions Development Lab

Lab #6

Deliver Real-time Collaboration and Social Software by Integrating

IBM WebSphere Portal with

IBM Connections, IBM Sametime and iNotes

1

Introduction:

In this lab we have installed the following software:

IBM WebSphere Portal 7.0.0.1IBM Connections 3.0.1IBM Sametime 8.5.1.1Lotus Domino 8.5.1

All are installed and configured with Lotus Domino LDAP

In this lab, you will learn how to:1) integrate across the environment, Portal, Connections, Sametime and iNotes

Objective:

In this lab, you will learn how to integrate the Lotus products.

This lab is broken out into 13 Exercises. It's designed where you can pick and chose theexercise you want to focus on. If you are most interested in Blogs integration into Portal,complete exercise 5. If you want to know more about the new STProxy integration withPortal, go to exercise 12. Each exercise should take between 10 – 20 min to complete andshould give you a good idea of how to set it up back in your labs, and give you a quickoverview of some of the features.

Exercises 1 and 2 are detailed steps and hints and tricks for single sign on across theenvironment. In your test environment you would need to complete this before setting upintegration. In our lab, however, you do not have to do these. SSO works, but I provided thesteps for you to follow if you want to learn more about SSO.

Exercise 3 is the 1 pre-req exercise in this lab. If you want to integrate portal withconnections (detailed in exercise 4 – 9) then you need to complete the common steps exercise(3) prior to setting up and testing the portlets.

Exercise 4, 5, 6, 7, 8 and 9 are the connections 3.0.1 portlets. Complete step 3, then pickand chose the portlets you are most interested in.

Exercise 10 details how to integrate the connections business card into portal, replacing theout of the box person card in portal with the rich content about users in Connections.

Exercise 11 provides steps on integrating iNotes with WebSphere Portal

Exercise 12 details the new integration for Portal with STProxy. The new ajax based client foradding awareness and chat to your web based experience.

Finally, exercise 13 explains how to integrate Connections with STProxy

2

Table of ContentsExercise 1: SSO Between Portal and Connections.................................................................................4Exercise 2: SSO between Portal and Domino.......................................................................................11Exercise 3: Connections Portlets – Common Steps..............................................................................24Exercise 4: Activities Portlet.................................................................................................................32Exercise 5: Blogs Portlet.......................................................................................................................38Exercise 6: Bookmark portlet................................................................................................................43Exercise 7: Profiles portlet....................................................................................................................46Exercise 8: Wikis Portlet.......................................................................................................................48Exercise 9: Tags portlet.........................................................................................................................53Exercise 10: Connections business card...............................................................................................58Exercise 11: iNotes portlet....................................................................................................................62Exercise 12: Portal STProxy integration...............................................................................................66Exercise 13: Connections awareness and Chat with STProxy..............................................................81

3

Exercise 1: SSO Between Portal and Connections

1. Configure SSO across the environment.Many of the portlet we will use allow you to specify a name/password in the configuration and SSO isnot a requirement, but typically setting up SSO is the preferred method of authentication between thedifferent servers. In this lab we will configure SSO between Portal, Connections, Quickr and iNotes.No matter the integration you decide to configure, make sure to set up SSO first.

1.1 Configure SSO between Portal and ConnectionsYou can configure the portlets where users enter their name and password to authenticate with theConnections server, but usually the experience is better if you configure Single Sign On, so we will walkthrough the steps of that now, and give you a few tips of things to watch for.

We will export the sso key file from Portal and import it into Connections.

1.2 Export Key file from Portal

__1. Access the Portal was admin console (https://portal.ibm.com:10032/ibm/console) - sign in asthe admin (localadmin : password)

__2. Choose Security > Global Security

__3. Open Web and SIP security > Single sign-on (SSO)

4

__4. Set the Domain name to the domain you will use to access portal and connections (ibm.comin our env)If you need both an LtpaToken and LtpaToken2 cookie generated, select InteroperabilityMode. For the Connections and Sametime portlets, LtpaToken2 will work well, but you willneed LtpaToken for the Quickr Domino portlets, so we will go ahead and select it now aswell:

__5. Click OK and Save the changes

__6. Now, back on the Global Security, click LTPA

__7. Click Key Set Groups

5

__8. Make sure Automatically Generate Keys is set to false (In WAS 6.1 it will be set to true bydefault, in 7.0, it will be set to false by default

__9. Click on LTPA

6

__10. Here you can update the token timeout (we’ll leave at the default of 120 minutes.Enter a password, (I used password) and a file location where to save the file (c:\portalltpa.txt) and click Export keys.

VERY IMPORTANT: NEVER click Generate keys. If you do, you would need to restartportal, then come back and click Export keys.

__11. You should see the following message

__12. Logout of the Integrated Solutions Console

The key is now exported, for the domain name update, you would need to restart Portal for it to takeeffect. That is not necessary during this lab. Now we need to import the key file into Connections andtest SSO.

1.3 Import the key file into IBM Connections

__13. Access the Connections was admin console (https://connections.ibm.com:9043/ibm/console)- sign in as the admin (localadmin : password)

7







8


__21. Click on LTPA

__22. Here you can update the token timeout to the same timeout we have set in Portal (120minutes)Enter the password used when exporting the key from from Portal, (I used password) and thefile location where you copied the file from the portal server onto the Connections server(c:\portalltpa.txt) and click Import keys.

__23. And Save the new keys

9


At this point you would need to restart Connections for the change to take effect, but that is notnecessary during this lab.

1.4 Test Single Sign On between Portal and Connections

__25. Open a browser to WebSphere Portal (http://portal.ibm.com/wps/myportal)

__26. Sign in as cprice : password

__27. Once signed in, change the url to IBM Connections (http://connections.ibm.com/profiles)

__28. You should be signed in as Charlie

__29. Single Sign on is working between Portal and Connections.

Summary:

In this lab, you learned the basic steps to configure SSO between Portal and Connections

10

Exercise 2: SSO between Portal and Domino

2 Configure SSO across the environment.Many of the portlet we will use allow you to specify a name/password in the configuration and SSO isnot a requirement, but typically setting up SSO is the preferred method of authentication between thedifferent servers. In this lab we will configure SSO between Portal, Connections, Quickr and iNotes.No matter the integration you decide to configure, make sure to set up SSO first.

2.12.1 Configure SSO between Portal and STProxy, ST Community andiNotes

We will export the sso key file from Portal and import it into Domino.

2.22.2 Export Key file from Portal




11





12


__9. Click on LTPA

13

__10. Here you can update the token timeout (we’ll leave at the default of 120 minutes.Enter a password, (I used password) and a file location where to save the file (c:\portalltpa.txt) and click Export keys.

VERY IMPORTANT: NEVER click Generate keys. If you do, you would need to restartportal, then come back and click Export keys.



The key is now exported, for the domain name update, you would need to restart Portal for it to takeeffect. That is not necessary during this lab. Now we need to import the key file into Domino and testSSO.

2.32.3 Import the SSO token into DominoYou will take the same token exported, then imported into Connections and import it into Domino forSSO to work to iNotes, Sametime Community and STProxy.

14

__13. Open the Notes Client

__14. Click on File – Open – Lotus Notes Application

__15. Under Look in: select the domino server (stcomm/ibm)select ibm’s Directoryand click Open

__16. The sametime install creates an LtpaToken document created by the server id file. We needto remove this document and recreate a new one with the admin id so you can update andchange the settings in the document.

15

__17. Open Configuration - Web - Web Configurations and delete the Web SSO Configuration forLtpaToken document

__18. Now we will recreate the document and import the token from Portal -- Open Configuration –Servers – All Server Documents

16

__19. Click Web – Create Web SSO Configuration

__20. Leave Configuration Name: LtpaTokenOrganization should be blankDNS Domain is the domain of the url you use to access Domino, Portal and Connections(ibm.com)

make sure to add the iNotes and ST community server to the list of Domino Server names(stcomm/ibm)Update the Expiration (minutes): to the value used in Portal (120)

17

__21. Click on Keys… -- Import WebSphere LTPA Keys

__22. type in the location of the exported key file from Portal (C:\portalltpa.txt) and click OK

__23. Enter the password and click OK


__25. Under WebSphere Information select the button to change the Token Format:

18

__26. Select LtpaToken and LtpaToken2 to use both tokens, the same as generated byWebSphere, and click OK

__27. Save and close the document

Now the key file has been imported into domino, you need to tell the iNotes and ST community serverto use this document for creating and decrypting LtpaTokens passed in from the browser.

__28. Back in Configuration – Servers – All Server Documents, double click on the Domino serverdocument (stcomm/ibm)

__29. Go to Internet Protocols… -- Domino Web Engine, Click Edit

19

__30. Set Session authentication: Multiple Servers (SSO)Web SSO Configuration: LtpaToken

__31. Save and Close the server document

__32. Restart the http task for the change to take effect by entering the following commands on thedomino console.

20

tell http quit

load http

21

2.1 Test Single Sign On between Portal and ST Community



__35. Once signed in, change the url to st community server(http://stcomm.ibm.com:81/stcenter.nsf)

22

__36. You should see your name at the top left corner

2.2 Test Single Sign On between Portal and STProxy



__39. Once signed in, change the url to stproxy web client url(http://stproxy.ibm.com:9081/stwebclient/popup.jsp)

__40. You should see youself logged into the stproxy web client

2.3 Test Single Sign On between Portal and iNotes



Once signed in, change the url to your mail file: (http://inotes.ibm.com:81/mail/cprice.nsf)

You should see your mail file

Summary:

In this lab, you learned the basic steps to configure SSO between Portal and Domino

23

Exercise 3: Connections Portlets – Common Steps

3 Common steps for all Connections Portlets

3.13.1 Install and add the Portlets to a pageThe portlets are available at the following url (on Greenhouse):

https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument&documentId=D5A8480B41C18F66852577E300006B78

You will simply install the snor.pf.portlets.war file in the Web Module page in Portal Administration. Wehave already completed these steps for you to save time.

Next you add the portlets to a page. Again, we have already created an added the portlets to 6 pageson our lab:

They are set up under Applications > IBM Connections> Activities/Blogs/Bookmarks/TagCloud/Profiles/Wikis pages.

All you have to do is configure the portlets to work with your Lotus Connections Installation (don’t worrythat is plenty for this lab time)

3.23.2 Add Connections SSL certificates into Portal trust store.The Connections portlets must communicate to Connections over SSL. Therefore, you need to add thepublic key used to encrypt html in Connections into the trust store used by WebSphere Portal.

3.33.3 Access and Import SSL key files into Portal


__2. Choose Security > SSL certificate and key management.

24

__3. Choose Key stores and certificates under Related Items on the right hand side.

__4. Select NodeDefaultTrustStore.

__5. Choose Signer certificates, and click Retrieve from port.

25

__6. Enterhost: connections.ibm.comport: 443Alias: lc ssl keys (this can be any value you want)and click Retrieve signer information

__7. Click OK

26

__8. Then click Save

__9. At this point you would need to restart the Portal server for the certificates to be picked up,but that won’t be necessary for our lab

__10. Go ahead logout and close out of the WAS admin console.

Now we have configured portal to connect to the Connections server over SSL.

3.43.4 Configuring portlets to use common directory services

__11. OpenC:\IBM\WPSWAS\wp_profile\installedApps\integrate\PA_WPF.ear\snor.pf.portlets.war\WEB-INF\lcaccelerator\waltz in windows explorer

__12. Copy the 4 files (directory.services.xml, directory.services.xsd, sonata.services.xml andsonata.services.xsd) to C:\IBM\WPSWAS\wp_profile\config\cells\integrate (NOTE: overwritethe existing files)

__13. Open directory.services.xml in notepad fromC:\IBM\WPSWAS\wp_profile\config\cells\integrate

__14. Update the following line:<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.url">https://profiles.ibm.com/profiles/</property>

to

<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.url">http://connections.ibm.com:9080/profiles/dsx/</property>

27

__15. and update this line:<propertyname="com.ibm.connections.directory.services.waltz.communities.integration.service.url">https://communities.ibm.com/communities/</property>

to

<propertyname="com.ibm.connections.directory.services.waltz.communities.integration.service.url">http://connections.ibm.com:9080/communities/dsx/</property>

__16. and update this line:

<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.auth">DSX-Admin</property>

to

<propertyname="com.ibm.connections.directory.services.waltz.profiles.integration.service.auth">None</property>

__17. Save and close the file

__18. Open the file to make sure no mistakes were made in IE, it’s a bit easier to read the xml likethis

__19. At this point you would need to restart the Portal server for the config files to be read, but thatis not necessary in our lab.

28

3.53.5 Configuring the Portal AJAX proxy to support authentication

__20. New for 3.0.1: The Connections Portlets now use the Portal AJAX Proxy as the mechanismfor forwarding security headers and cookies with each REST service call to authenticate therequest with the Connections server. You can configure the AJAX Proxy to forward LTPAtoken as well as the appropriate headers for an environment behind a TAM or SiteMindersecurity proxy. The following instructions outline the steps to enable the default setting toforward the LTPA.

__21. Open the following file from the directory where the Portal server is installed

C:\IBM\WPSWAS\wp_profile\config\cells\integrate\applications\AJAX ProxyConfiguration.ear\deployments\AJAX Proxy Configuration\wp.proxy.config.war\WEB-INF\proxy-config.xml

__22. Add a new policy to the proxy-config.xml file by adding the following lines.

Note: We have already created a working proxy-config.xml called proxy-config.xml.workingwith the updated settings. Simply rename the proxy-config.xml to proxy-config.xml.old andproxy-config.xml.working to proxy-config.xml

Where:

CONNECTIONS_SERVER_BASE_URL is the base url for your connections server. Forexample: https://connections.example.com.

SOCKET_TIMEOUT_VALUE is the maximum wait time for open requests. We recommendsetting this to 45000.

MAX_PER_HOST is the maximum number of connections per host. We recommend settingthis to 50.

29

MAX_TOTAL_CONNECTIONS is the maximum number of connections allowed. Werecommend setting this to 500.

__23. Open up a DOS command line by going to Start>Run> and typing CMD.

__24. Navigate to the Config Engine directory:

C:\IBM\WPSWAS\wp_profile\ConfigEngine

__25. Run the ConfigEngine task to set the new proxy configuration: (this has already been donefor you in this lab)

C:\IBM\WPSWAS\wp_profile\ConfigEngine>

ConfigEngine.bat checkin-wp-proxy-config-DProxyConfigFileName=”C:\IBM\WPSWAS\wp_profile\config\cells\integrate\applications\AJAX ProxyConfiguration.ear\deployments\AJAX Proxy Configuration\wp.proxy.config.war\WEB-INF\proxy-config.xml” -DWasUserId=localadmin -DWasPassword=password

30

__26. Restart the Portal Server. (This has already been done for you and no restart is needed)

At this point the portlet wide settings are complete, and we can begin to configure the individualportlets. If there are specific ones you want to see, I would recommend skipping to those sections.

Summary:

In this lab, you learned the common steps necessary for integration between Portal andConnections used by all portlets.

31

Exercise 4: Activities Portlet

4 Configure the Activities portletLet’s walk through the 5 steps for the Activities portlet

4.14.1 Configure the Service URL

__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : password

__2. Go to where we have the Activities portlet deployed (Applications – Connections – Activities)

__3. In the Activities portlet title bar click, click the down arrow button and chose Configure

__4. Set the:

Service URL to https://connections.ibm.com/activities

Profile URL to https://connections.ibm.com/profiles

Communities URL to https://connections.ibm.com/communities

and click OK

32

NOTE: This must be an SSL url to connections.

__5. Now go ahead and logout as the localadmin user and login using one of our user accounts:cprice : password

__6. Go to Applications -- Connections -- Activities

At this point you should see the Activities portlets working.

4.24.2 Using the Activities PortletsJust like in the native IBM Connections UI, in the Activities portlet, you can add a to do, an entry, or asection to an existing Activity. You can create new Activites from here, as well as edit existingActivities. In this lab we will do three things in the Activities portlet:

Create a new ActivityCreate a new Activity entry and a to do’sCheck off the to do’s we have completed

33

4.1.1.1 Create a new Activity

__1. Click on “Start an Activity”

__2. Fill in the Title, Activity Goal, Tags, and the Due date for that Activity – click Save. UnderMembers search for Greg and click the + to add him to the activity.

__3. You have now created a new Activity that also resides on the Connections server.

34

4.1.1.2 Create a new Activity entry and a to do

__4. Let’s now create a new Activity entry. Click on New Entry and create a Lab EnvironmentDetails entry.

__5. Fill out the Title, Content, and Tags sections and click Save

__6. You can now see our new entry in the Activities Portlet

__7. Lets now create a to do entry.

__8. Click Add a to do item and provide the To Do, Assigned To, Due Date, Description, Tagand click Save

35

__9. Create two to do’s:

Import the SSL certificates into Portal

Download and Install the portlets.

__10.

__11. That to do is now part of this activity:

36

4.1.1.3 Mark off our completed To Do’s.

__12. Click on the Activity we created earlier, Integrate Portal with Connections, Mail and Quickr

__13. Check off the two to do’s which we have already completed, that you entered earlier

__14. Now you should be a bit more familiar with the functionality of the Activities portlet.

Summary:

In this lab, you learned the basic steps to configure and use the activities portlet.

37

Exercise 5: Blogs Portlet

5 Configure the Blogs PortletConfiguring the blogs Portlet takes just a few steps:

Configure the Service URLEnd users add their name / password (with SSO configured this is not needed)



__2. Go to where we have the Blogs Portlet deployed (Applications – Connections – Blogs)

__3. In the Blogs Portlet title bar click, click the down arrow button and chose Configure

__4. Set the:

Service URL: https://connections.ibm.com/blogs

Profiles URL: https://connections.ibm.com/profiles

Homepage Handle: home

and click OK

38


__5. NOTE: the homepage handle is the homepage we set on blogs as part of the post installconfiguration when installing and setting up Connections. This can be anything you want, itjust needs to match the configuration on blogs.


__7. Go to Applications - Connections - Blogs

At this point you should see the Blogs Portlet working

39

5.25.2 Using the Blogs PortletIn the blogs portlet you get a summary of the latest blog entries, you can look at specific blogs, andenter entries into an existing blog. In this lab we will enter an entry into a blog I created earlier.

5.35.3 Adding a new entry to an existing blog:

__8. Click on the My Blogs Drop Down

__9. Click on the Blog we created earlier (Practically Integrated)

__10. Click on New Entry

40

__11. Provide the title, tag and blog entry. Click Save.

41

__12. Your entry is added to the blog

Now you should be a bit more familiar with the Blogs

Summary:

In this lab, you learned the basic steps to configure and use the blogs portlet.

42

Exercise 6: Bookmark portlet

6 Configure the Bookmark PortletJust as with the Activities and Blogs portlet, there are a few steps to configure the Bookmarks Portlet

Configure the Service URLEnd users add their name / password (with SSO configured this is not needed)



__2. Go to where we have the Bookmarks Portlet deployed (Applications – CollaborationConnections – Bookmarks)

__3. In the Bookmarks Summary portlet title bar click, click the down arrow button and choseConfigure

__4. Set the: Service URL to https://connections.ibm.com/dogear

Profiles URL to https://connections.ibm.com/profiles

and click OK

43

__5. NOTE: This must be an SSL url to connections.


__7. Go to Applications - Connections - Bookmarks

At this point you should see the Bookmarks Portlet working

44

6.26.2 Using the Bookmarks Portlet

6.2.1.1 Creating a bookmark from Portal

__8. Go to the Bookmark Portlet

__9. Click on My Bookmarks

__10. Click on Create Bookmark and provide the Title, Description, Link and Tags for your bookmarkand click Save. (you can use any url you want)

Click Save, and the bookmark is saved to the server as a public bookmark.

Summary:

In this lab, you learned the basic steps to do xyz.

45

Exercise 7: Profiles portlet

7 Configure the Profiles Portlet__1. Open a browser to Portal (http://portal.ibm.com:10039/wps/myportal) and sign in as the portal

administrator localadmin : password

__2. Go to where we have the Profiles Portlet deployed (Applications – Collaboration – IBMConnections – Profiles)

__3. In the Profiles portlet title bar click, click the down arrow button and chose Configure

__4. Set the:Profiles URL to https://connections.ibm.com/profiles and click OKNOTE: This must be an SSL url to connections.


__6. Go to Applications - Connections - Profiles

46

You should now see the Profiles Portlet now working

Summary:

In this lab, you learned the basic steps to configure and use the profiles portlet.

47

Exercise 8: Wikis Portlet

8 Configure the Wikis Portlet__1. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portal

administrator localadmin : password

__2. Go to where we have the Wikis Portlet deployed (Applications – Connections – Wikis)

__3. In the My Wikis portlet title bar click, click the down arrow button and chose Configure

__4. Set the:

Profiles URL to https://connections.ibm.com/profiles

Wikis URL to: https://connections.ibm.com/wikis

48

And click OK



__6. Go to Applications - Connections - Wikis

__7. You should now see the portlet working:

49

8.18.1 Using the Wikis Portlet

8.1.1.1 Creating a wiki entry from Portal

__8. Go to the Wikis portlet, click on the wiki I created earlier

__9. This will take you to the welcome page, you can click drop down next to Welcome to seemore pages in the wiki:

__10. Let's create a new page in the wiki

50

__11. Click Page Actions - Create Peer

__12. Fill out the title and description

51

__13. Click Save and you will be taken to the new page created in your wiki:

Summary:

In this lab, you learned the basic steps to configure and use the wikis portlet.

52

Exercise 9: Tags portlet

9 Configure Tags and Wiring.__1. Now that we have configured all of our Portlets, let’s configure the Tags Portlet wiring with the

some of the portlets.

__2. As an overview, there are two modes of operation with regards to the interaction between thetag cloud and the other Connections portlets: one-way and two-way communication mode.

In one-way communication mode, the tag cloud portlet sends a wire to the otherConnections portlets to update their view according to a selected tag (this is what we willbe setting up in this lab)

In two-way communication mode, the other Connections portlets can also send a wire tothe tag cloud portlet to update its view as well according to the view being displayed.

__3. Open a browser to Portal (http://portal.ibm.com/wps/myportal) and sign in as the portaladministrator localadmin : passw0rd

__4. Go to where we have the Tag Cloud Portlet is deployed (Applications – Connections – TagCloud)

__5. Click on the configure drop down on the portlet and set the following URL’s (as seen in thescreenshot)

53

__6. Note: This must be an SSL url to Connections

__7. At this point the portlet would show tags from the connections server for a user inconnections. Now we need to wire the tags portlet with the other connections portlets on thepage. Follow these steps to add wires so the portlets can exchange data.

__8. Go to Administration>Manage Pages>Content Root>Applications>Connections

54

__9. Click on Edit Page Layout (pencil icon) for the Tag Cloud page:

__10. Click on the Wires tab:

__11. Go to Edit Page Layout and setup the wiring with the following settings:

Source Portlet – tags

Target Page – Tags Cloud

Target Portlet – Profiles

Receiving – selected Tag

Wire type - public

__12. Click the “+” and you are now done with setting up the wiring between tags and profilesportlets., repeat step 11 for bookmarks and blogs

__13. Click Done once complete

__14. Now, you might be asking – what does the wiring do?

55


__16. Go to the “Tags” Page

__1. Click on the tag “connections” as an example – you will notice if will bring up any profile, blogor bookmark that has been tagged “connections”. In this case its Charlie Greg’s and Karen's profile,along with a bookmark. As you can see, no blogs currently are tagged connections.

56

Summary:

In this lab, you learned the basic steps for configuring the Tags portlet and wiring it to otherconnections portlets on the same page.

57

Exercise 10: Connections business card

10 Configure Connections Business Cardintegration

10.110.1 Ensure that ibm-primaryEmail is mapped to the mail attribute

__1. open C:\IBM\WPSWAS\wp_profile\ConfigEngine\properties\wkplc.properties

__2. Search for federated.ldap.attributes.mapping.ldapName and set it to federated.ldap.attributes.mapping.ldapName=mail

__3. Just below this, setfederated.ldap.attributes.mapping.portalName=ibm-primaryEmail


__5. Open a command prompt

__6. change dir to C:\IBM\WPSWAS\wp_profile\ConfigEngine

__7. Run ConfigEngine.bat wp-update-federated-ldap-attribute-config

__8. This should build successfully:

58

10.210.2 Create the business card url provider


__10. Choose Resources – URL – URL providers

__11. Select Default URL Provider at the Node level

__12. Under Additional Properties, select URLs

__13. Click New

59

__14. Enter….Name: CONNECTIONS_PEOPLE_CARDJNDI name: CONNECTIONS_PEOPLE_CARDSpecification: http://connections.ibm.comCategory: CATEGORY_CONNECTIONS_PEOPLE_CARD

__15. Click Ok and Save the changes

__16. Log out of the Integrated Solutions Console

__17. At this point you would need to restart the Portal server and delete all temp internet files onthe client for the change to take effect, but that will not be necessary in our lab.

__18. Open a browser, and sign into portal as our test user (charlie : password)

__19. Go to the bookmarks portlet

60

__20. Hover over a name and click ‘Click here to view business card’

Summary:

In this lab, you learned the basic steps to configure the connections business card in Portal.

61

Exercise 11: iNotes portlet

11 Configure Portal Integration with iNotes mail

Out of the box we have the DWA portlet, which you can configure to auto-detect your mail file anddisplay specific components that you want your end users to see in portal. This method uses ldap callsto the domino ldap to determine the users mailserver and mail file. This approach involves updating aproperties file on portal (csenvironment.properties) and setting the internet hostname in the serverdocument on the domino ldap directory. These options require you to restart the portal server and ldapservice, which takes longer than I want to spend on this topic. If you want to use this approach, let meknow and I can walk you through the steps on the test system.

Another option to autodetect the mail file is to use the redirect database. In the next section we willcover the redirect database.

11.111.1 Configuring the iNotes portlet to use the iNotes redirect database


__2. Go to Administration – Portlets

62

__3. Search for ‘domino’, and click the Configure icon next to Domino Web Access portlet

__4. Click on the Edit Value icon for the DWARedirectDB parameter

__5. and set it to http://inotes.ibm.com:81/redirect.nsf (the full url to the redirect database) andclick OK

__6. Back in Manage portlets – click OK

Now configure the portlet to use the redirect database parameter instead of the default of autodetectusing ldap searches.

63

__7. As the admin, click on Applications – Messaging – Mail

__8. Click on the Display Menu link at the top right of the iNotes portlet, and select Edit SharedSettings

__9. Set height to 600, and select Let the DWA Redirector find my mail databasethen click Save

__10. You will see the login screen because the portal admin in our lab does not have a mail file:

__11. Log out of portal, and log back in as a test user: cprice : password

64

__12. click on Applications – Messaging – Mail

__13. You should now see Charlie’s mail file:

Summary:

In this lab, you learned the basic steps to configure the iNotes portlet with the redirectdatabase.

65

Exercise 12: Portal STProxy integration

12 Configure Portal Awareness and Chat with STProxy

12.112.1How it works…When configuring Awareness and Chat with an STProxy server, you need the following 3 servers:

Portal 7.0.0.1IBM HTTP Server (optional)STProxy 8.5.1.1ST Community server 8.5.1.1 or higher

In our lab we also configure an IBM HTTP server in front of Portal. Once everything is configured, theflow of traffic from the browser to Portal and STProxy will all go through a single URL. The reason forthis to prevent cross side scripting errors not allowed by the browser when running the javascript andajax calls. The POST and CONNECT calls made by the STProxy api to log the user in and get statusupdates are not allowed by the browser to go to a different url than the one you are currently accessing.In our case this URL is the HTTP server in front of the Portal server, so later in the lab we will configurethe IBM HTTP Server to proxy requests for STProxy. If you do not have an HTTP server you canconfigure the AJAXProxy server in Portal to proxy these requests. The main thing is whatever you useto access Portal (IHS, Edge caching proxy, Tivoli Access Manager, Portal direct, etc.) must beconfigured to proxy the requests to the STProxy server as well, as shown in the diagram below:

66

IBM HTTP Server

WebSphere Portal

Sametime Proxy Server

Sametime Community Server

LDAP Directory

You can also allow the browser direct access to the STProxy server (as shown in the dotted line above)but it’s not necessary for the portlet to work.

67

12.212.2 Install STProxy hotfix for portal integrationThere are a number of steps you need to take before integrating Portal and STProxy

1. Portal must be on version 7.0.0.12. STProxy must be on version 8.5.1.13. an STProxy hotfix must be applied to the 8.5.1.1 system. This hotfix is a new ear that you need toupdate in WebSphere Application Server, and new jar files that are copied into the STProxy deployedapp. For this lab we have done this and synced it with the node, so we will skip these steps. Details ofthis can be found here: https://www-304.ibm.com/support/docview.wss?rs=899&uid=swg21474355

To save time, each of these steps has been completed in the lab, you can move the install and configpiece of the STProxy integration:

12.312.3 Install the Sametime Proxy Server upgrade

Now that we have the correct versions, hotfixes and fixed the portal theme, we are ready to install thenew upgraded functionality of using STProxy for awareness and chat.

First you need to download the “IBM Lotus Sametime Proxy Server upgrade for WebSphere Portal 7”,which you can find here: https://greenhouse.lotus.com/plugins/plugincatalog.nsf/assetDetails.xsp?action=editDocument&documentId=250F9656BEC11B2D8525781700435181

And run a few ConfigEngine batch files to install the new portlet into your portal server.

I have downloaded the update zip file from the portlet catalog, and unzipped it to c:\stproxy. Now let’srun the commands to install the portlet.

NOTE: The 2 commands we will run are saved for you, so you can copy and paste them into thecommand prompt…

__1. open a command prompt and change directory toC:\IBMWPS\WebSphere\wp_profile\ConfigEngine

68

__2. run the following command (you can copy this command out of the stproxycommands.txt fileon the desktop)

ConfigEngine.bat -install -installPackage C:/stproxy/SametimeProxyServerUpgrade.zip-offeringRoot ./config/work -installPath C:/IBMWPS/WebSphere/PortalServer-expandBinaries true

__3. Once this completes, run the next command in stproxycommands.txt

ConfigEngine.bat deploy-apps -DconfigExtensionList=-applySametimeProxyServerUpgrade

__4. These commands update the portal theme to work with stproxy and install the new SametimeWeb 2.0 contacts portlet. We will look at this once all the configuration is complete

12.412.4Configure SSO between Portal and Sametime.For awareness and chat to work in Portal, you must configure SSO between Portal and the Community

69

server. It’s not necessary to configure SSO on the WAS based STProxy server, as that server does notactually authenticate the user, instead it will forward the credentials passed in to the community serverto authenticate and login the user.

This can take 15 minutes todo, so there is another part of the lab where you can do this part if youwant, in this lab you can skip it.

12.512.5Fix theme to show business card in portlet

__5. in Windows exploerer go to the following folder:C:/IBMWPS/WebSphere/PortalServer/theme/wp.mashup.cc.theme/installedApps/wp.mashup.cc.theme.ear/PageBuilder2.war/themes/html/PageBuilder2

__6. Double click on config.jsp to open it in wordpad (to quickly make the changes below, simplydelete config.jsp and rename config.jsp.working to config.jsp

__7. Search for var stproxyConfig

__8. under plugins remove the following 2 lines:

lnmpAddContact : false lnmpAddSubgroup : false

Once done, the lines will look like the following:

var stproxyConfig = {server: "${sametimeProxyUrl}",isConnectClient: false,disableXDomain: true,isPortalAjaxProxy: ${isPortalAjaxProxy},plugins: {

lnmpChat : false,lnmpCall : false,lnmpMeetingInvite : false,lnmpSendAnnouncement : false,lnmpBizCard : false,lnmpAddToContacts : false,lnmpAddToContacts : false,

} }

70

12.612.6Configure WAS setting (cc.sametime.proxy.url) for browser tocommunicate with STProxy server

__9. Open a browser to the WAS admin console for Portal:(https://portal.ibm.com:10032/ibm/console) and login (localadmin : password)

__10. Click Resources -> Resource Environment -> Resource Environment Providers.

__11. In the list, locate the WP CommonComponentConfigService and open this entry by clicking it.(it will be on the 2nd page)

__12. Click Custom properties.

71

__13. Click New and enter the following settings:

Name: cc.sametime.proxy.urlValue: /stproxy

NOTE: the value can be anything you want, it just needs to start with a slash. The valueused here is used as the context root when configuring the IHS server to proxy requests forSTProxy.

__14. Click OK

__15. Click Save

__16. log out of the Integrated Solution Console

Normally you would need to restart Portal for the change to take effect, but that is not necessary in ourlab.

12.712.7Configure Portal HTTP server to communicate with STProxy server

Now that the Portal server is configured with the proxy rule for communication with STProxy, we needto configure the HTTP Server to communicate with the STProxy server.

NOTE: If you want to skip these steps, you can simply delete httpd.conf and renamehttpd.conf.working to httpd.conf in C:\IBMWPS\HTTPServer\conf, then restart the HTTP server service.

__17. Open C:\IBMWPS\HTTPServer\conf\httpd.conf

72

__18. Search for proxy and uncomment the following 2 lines:LoadModule proxy_module modules/mod_proxy.soLoadModule proxy_http_module modules/mod_proxy_http.so

__19. At the bottom of the file, just above:

LoadModule was_ap22_module"C:\IBMWPS\HTTPServer\Plugins\bin\mod_was_ap22_http.dll"

WebSpherePluginConfig"C:\IBMWPS\WebSphere\wp_profile\config\cells\wpsst\nodes\wpsst\servers\webserver1\plugin-cfg.xml"

Add the following lines: (NOTE: you can copy and paste these lines out ofstproxycommands.txt on the desktop

<IfModule mod_proxy.c> ProxyPass /stproxy http://stproxy.ibm.com:9080 connectiontimeout=2 ProxyPassReverse /stproxy http://stproxy.ibm.com:9080 ProxyPassReverseCookieDomain http://stproxy.ibm.com:9080 ibm.com ProxyPassReverseCookiePath / /stproxy</IfModule>

__20. Notice the ProxyPass /stproxy and ProxyPassReverseCookiePath / /stproxy – If you usedsomething else for the context root in the cc.sametime.proxy.url WAS variable, you wouldenter that here.


__22. Restart IBM HTTP Server for the change to take effect

__a. Open the services link

__b. Scroll down to IBM HTTP Server 7.0, right click and chose Restart

73

__c. Once the Server is restarted it is ready to proxy the requests to the STProxy server

12.812.8Change JSESSIONID cookie name in STProxy server

This is the most missed step in configuring Portal with STProxy, so after today if any of you guys callinto support and haven’t completed this step. . . I’m going to be very upset ☺. Because we use thesame url to access STProxy as we do to Portal, we need to configure a different session id on theSTProxy server, so the jsessionid cookies don’t get overwritten by each server.

__23. Open a browser to the WAS admin console for STProxy(https://stproxy.ibm.com:8601/ibm/console) and login as the administrator (localadmin :password)

__24. Expand Servers in the navigation pane, and then select Server Types -> WebSphereapplication servers.

__25. Click on STProxyServer

__26. Expand Web Container Settings under Container Settings, and then select Web container.

74

__27. Click Session management.

__28. Click on Enable cookies.

75

__29. Change the Cookie name field to STJSESSIONID.

__30. Click OK, click Save, and then logout of the Integrated Solutions Console.

At this step, you would need to restart the STProxy server for the change to take effect, but it’s notnecessary in our lab.

12.912.9Test the new portlet.

That’s it, now we are ready to test the new portlet…

__31. Open a browser to portal (http://portal.ibm.com/wps/myportal) and login as our test user(cprice : password)

__32. Go to Applications – STProxy

76

__33. The updated contact list should appear

__34. Let’s add a user to the buddy list

__35. Under Type to find name, enter Greg, and click Search directory for Greg

__36. Hover over Charlie Price and click Click for Person Card

77

__37. Select More Actions and Add to Contacts

__38. On the new window that appears click Add

78

__39. You should see the user added to the portlet

__40. Now, let’s start a chat window just so you can see some of the new features of chat inSTProxy

__41. Double click on the green icon next to Greg’s name

79

__42. Notice you have a few rich text options, not as many as the full connect client, but much morethan what was available in stlinks

Summary:

In this lab, you learned the basic steps to configure portal chat and awareness with STProxy.

80

Exercise 13: Connections awareness and Chat with STProxy

13 Configure Connections Awareness and Chat with STProxy

13.113.1How it works…When configuring Awareness and Chat with an STProxy server, you need the following 3 servers:

Connections 7.0.0.1IBM HTTP ServerSTProxy 8.5.1.1ST Community server 8.5.1.1 or higherSTProxy hotfix WHOS-8MAJ6R

In our lab we also configure an IBM HTTP server in front of Connections. Once everything isconfigured, the flow of traffic from the browser to Connections and STProxy will all go through a singleURL. The reason for this to prevent cross side scripting errors not allowed by the browser whenrunning the javascript and ajax calls. The POST and CONNECT calls made by the STProxy api to logthe user in and get status updates are not allowed by the browser to go to a different url than the oneyou are currently accessing. In our case this URL is the HTTP server in front of the Connectionsserver, so later in the lab we will configure the IBM HTTP Server to proxy requests for STProxy. If youdo not have an HTTP server you can configure the AJAXProxy server in Connections to proxy theserequests. The main thing is whatever you use to access Connections (IHS, Edge caching proxy, TivoliAccess Manager, Connections direct, etc.) must be configured to proxy the requests to the STProxyserver as well, as shown in the diagram below:

81

IBM HTTP Server

WebSphere Portal

Sametime Proxy Server

Sametime Community Server

LDAP Directory

You can also allow the browser direct access to the STProxy server (as shown in the dotted line above)but it’s not necessary for the portlet to work.

82

13.213.2 Install STProxy hotfix for Connections integrationThere are a number of steps you need to take before integrating Connections and STProxy

1. Connections must be on version 3.0.12. STProxy must be on version 8.5.1.13. an STProxy hotfix (WHOS-8MAJ6R) must be applied to the 8.5.1.1 system. This hotfix is a new earthat you need to update in WebSphere Application Server, and new jar files that are copied into theSTProxy deployed app. For this lab we have done this and synced it with the node, so we will skipthese steps.

To save time, each of these steps has been completed in the lab, you can move the install and configpiece of the STProxy integration:

13.313.3Configure SSO between Connections and Sametime.For awareness and chat to work in Connections, you must configure SSO between Connections andthe Community server. It’s not necessary to configure SSO on the WAS based STProxy server, as thatserver does not actually authenticate the user, instead it will forward the credentials passed in to thecommunity server to authenticate and login the user.

This can take 15 minutes todo, so there is another part of the lab where you can do this part if youwant, in this lab you can skip it.

13.413.4Configure Connections HTTP server to communicate with STProxyserver

Now that the Connections server is configured with the proxy rule for communication with STProxy, weneed to configure the HTTP Server to communicate with the STProxy server.

NOTE: If you want to skip these steps, you can simply delete httpd.conf and renamehttpd.conf.working to httpd.conf in C:\IBMWPS\HTTPServer\conf, then restart the HTTP server service.

__1. Open C:\IBM\HTTPServer\conf\httpd.conf

__2. Search for proxy and uncomment the following 2 lines:LoadModule proxy_module modules/mod_proxy.soLoadModule proxy_http_module modules/mod_proxy_http.so

83

__3. At the bottom of the file, just above:

LoadModule was_ap22_module"C:\IBMWPS\HTTPServer\Plugins\bin\mod_was_ap22_http.dll"

WebSpherePluginConfig"C:\IBMWPS\WebSphere\wp_profile\config\cells\wpsst\nodes\wpsst\servers\webserver1\plugin-cfg.xml"

Add the following lines: (NOTE: you can copy and paste these lines out ofIC_stproxycommands.txt on the desktop

<IfModule mod_proxy.c> ProxyPass /stwebclient http://stproxy.ibm.com:9083/stwebclient ProxyPass /stwebapi http://stproxy.ibm.com:9083/stwebapi ProxyPass /stbaseapihttp://stproxy.ibm.com:9083/stbaseapi ProxyPassReverse /stwebclient http://stproxy.ibm.com:9083/stwebclient ProxyPassReverse /stwebapi http://stproxy.ibm.com:9083/stwebapi ProxyPassReverse /stbaseapi http://stproxy.ibm.com:9083/stbaseapi ProxyPassReverseCookieDomain http://stproxy.ibm.com:9083 ibm.com ProxyPassReverseCookiePath / /</IfModule>


__5. Restart IBM HTTP Server for the change to take effect

__a. Open the services link

__b. Scroll down to IBM HTTP Server 7.0, right click and chose Restart

__c. Once the Server is restarted it is ready to proxy the requests to the STProxy server

84

13.513.5Update Connections config file to enable STProxy

__6. Open a command prompt to the Connections DMGR directory(c:\IBMLC\WebSphere\AppServer\profiles\Dmgr01\bin)

__7. Run the following command:

wsadmin -lang jython -user localadmin -password password -port 8879

__8. At the wsadmin prompt run the following commands:

execfile("connectionsConfig.py")LCConfigService.checkOutUIextensionsConfig("c:/temp","vm64Cell01")

__9. Leave the wsadmin prompt and window open

85

__10. Open uiextensions-config.xml file from the temp directory in notepad, scroll down near thebottom of the file and look for the following lines:

NOTE: instead of editing the file manually, you can simply delete c:\temp\uiextensions-config.xml and rename c:\temp\uiextensions-config.xml_working to uiextensions-config.xml

<extension name="global.pageRendering"jsCallback="lconn.profiles.sametime.sametimeProxyInit" enabled="false"/>

<extension name="lc.IMAwareness"jsCallback="lconn.profiles.sametime.sametimeProxyAddLiveName" invokeDelay="2000"enabled="false" id="stProxy">

<params><param name="isConnectClient" value="true" /><param name="lconnProxySvcUrl" value="admin_replace"/><param name="lconnProxySvcUrlSSL" value="admin_replace"/>

</params></extension>

update this section by setting enabled="true" and setting the lconnProxySvcUrl to thehostname of the HTTP Server used to access Connectoins:

<extension name="global.pageRendering"jsCallback="lconn.profiles.sametime.sametimeProxyInit" enabled="true"/>

<extension name="lc.IMAwareness"jsCallback="lconn.profiles.sametime.sametimeProxyAddLiveName" invokeDelay="2000"enabled="true" id="stProxy">

<params><param name="isConnectClient" value="true" /><param name="lconnProxySvcUrl"

value="http://connections.demos.ibm.com"/><param name="lconnProxySvcUrlSSL"

value="https://connections.demos.ibm.com"/></params>

</extension>

__11. Save and close uiextensions-config.xml

86

__12. Back in the wsadmin command window, enter the following command:

LCConfigService.checkInUIextensionsConfig("c:/temp","vm64Cell01")

__13. Type exit to exit out of the wsadmin console

At this step, you would need to restart the Connections server for the change to take effect, but it’s notnecessary in our lab.

13.613.6Test awareness and chat.

That’s it, now we are ready to test awareness…

__14. Open a browser to Connections (http://connections.ibm.com/profiles) and login as our testuser (cprice : password)

__15. At the bottom right corner of the browser, you should see where you are logged intosametime

__16. If you search the directory for Charlie

87

__17. Hover over the name, and click to show the business card

__18. You will also see that you can see the users status in the business card, and have the abilityto chat from here as well:

Summary:

In this lab, you learned the basic steps to chat and awareness in Connections using STProxy.

88

© IBM Corporation 2011. All Rights Reserved.

The information contained in this publication is provided for informational purposes only. Whileefforts were made to verify the completeness and accuracy of the information contained in thispublication, it is provided AS IS without warranty of any kind, express or implied. In addition,this information is based on IBM’s current product plans and strategy, which are subject tochange by IBM without notice. IBM shall not be responsible for any damages arising out of theuse of, or otherwise related to, this publication or any other materials. Nothing contained inthis publication is intended to, nor shall have the effect of, creating any warranties orrepresentations from IBM or its suppliers or licensors, or altering the terms and conditions ofthe applicable license agreement governing the use of IBM software.

References in this presentation to IBM products, programs, or services do not imply that theywill be available in all countries in which IBM operates. Product release dates and/orcapabilities referenced in this presentation may change at any time at IBM’s sole discretionbased on market opportunities or other factors, and are not intended to be a commitment tofuture product or feature availability in any way. Nothing contained in these materials isintended to, nor shall have the effect of, stating or implying that any activities undertaken byyou will result in any specific sales, revenue growth or other results.

IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, WebSphere and Lotusphere aretrademarks of International Business Machines Corporation in the United States, othercountries, or both.

89